Slashdot Mirror

nazarijo (Jose Nazario) writes "With regulatory compliance hanging over so many peoples' heads (GLBA, SOX, HIPAA, etc), information security and related fields have taken on a new twist in recent years. To that end, a number of people are looking at formal evaluation methods like OCTAVE to help guide them through the tricky world of audits. It's a sensible move, too, because you want something documented, thorough, and demonstrable when it comes to an audit, and preferably something objective. The book Managing Information Security Risks: The OCTAVE Approach by Christopher Alberts and Audrey Dorofee is intended to help you fill this need." Read on for the rest of Nazario's review. Managing Information Security Risks: The OCTAVE Approach author Christopher Alberts and Audrey Dorofee. pages 471 publisher Addison-Wesley Longman rating 5 reviewer Jose Nazario ISBN 0321118863 summary An introduction to information security risk management using the OCTAVE method

Authors Alberts and Dorofee are the principal developers of OCTAVE and are staff members at the Software Engineering Institute (SEI) at Carnegie Mellon University (CMU), where CERT has offices. As such, they're the right people to describe OCTAVE. The CERT OCTAVE website area explains the process in more detail. Needless to say, OCTAVE is a very large, complex, heavy process for an organization to go through, with some arguable benefits. Very few organizations have done so to the best of my knowledge -- most of them are scared off by the complexity of the whole undertaking.

This brings up a very important point. It's important to state the difference between a critique of the OCTAVE method and the book itself. OCTAVE is interesting in that it's an attempt to formalize the complex process of information security evaluations. Despite its shortcomings and turnoffs, it has a purpose, and I wont dispute it for the most part. The book, instead, covers an abbreviated format of OCTAVE. It's important to focus on the strengths and weaknesses of the book and not the topic.

The books is organized into three main parts. Part 1 (covering chapters 1 and 2) is an introduction to the principles being discussed in the book. The method itself, and therefore these chapters, focus on a formal evaluation of information security risks and how to manage them. The principles focus on enumeration of assets, their threats and vulnerabilities, and then remediation of the threats to minimize the risk. The section introduces the core concepts to this philosophy.

Part 2 of the book, covering chapters 3 through 11, server two main purposes, preparation and then execution of the method. Chapter 3 introduces the fundamentals of the OCTAVE method, specifically how the three phases (asset-based threat profiles, vulnerability identification, and security strategy planning) fit together. The inputs of the method and its outputs are then described; you'll be using them in later chapters. Chapter 4 helps you prepare for the approach in your organization, including how important it is to get management buy-in, who will participate, and how to organize the evaluation. Project managers will adore this chapter.

The next few chapters cover the meat of the OCTAVE method. Chapter 5 covers processes 1 to 3, where assets are enumerated and the current state of the security profile is captured, as well. This step is crucial for building a baseline and knowing what you'll have to cover. Chapter 6 leads you through the threat profile, where you examine assets that you've identified as critical and the security requirements for them. And finally, in Chapter 7, the basic identification steps are done as you identify critical infrastructure components to examine later on. This is done so that you can work efficiently, as opposed to studying every asset in depth. By studying classes of assets you can (hopefully) achieve the same coverage without spending valuable time repeating the process.

Chapters 8 and 9 deal with the commonly understood parts, the actual vulnerability and risk analysis. Chapter 8 discusses vulnerability assessment tools and some basic questions to ask about them, but leaves the actual evaluation of those tools up to another text. Chapter 9 then helps you undertake the actual risk analysis, such as the impact of any threat being realized or the probability that one would be encountered. This is what most people think of when they think of an information security audit.

This gets to what is perhaps my biggest complaint about the book. It doesn't teach you how to think creatively about threats to information security. Instead, you're told to enumerate assets and threats against them via brainstorming, as though you'll somehow "get it" the first time (or every time). For someone new to the field, this can be hard, because not all assets are obvious -- and not all threats are understood. It's a hard skillset to teach, but it should have been attempted with more gusto.

Chapters 10 and 11 close the big circle of an information security audit, by developing an information security protection strategy. It's basically a series of outlines of meetings and their agendas as you present the findings of the evaluation but are (obviously) vague in the absence of any concrete findings.

This is probably a good time to raise another objection to this book. My second biggest complaint is that the authors never cut to the heart of what the OCTAVE method is trying to do. Sure, the book covers a stripped-down version of OCTAVE, but it doesn't ever get at how you can really adapt this to your organization. Instead, it's a series of rigid steps in the OCTAVE method. If you attempt to do something different for whatever reason, you're on your own. Again, an attempt to work in some flexibility beyond what is present in Chapter 12 (An Introduction to Tailoring OCTAVE, the start of part 3) would have been welcome. This chapter just keeps you inside the narrow confines of the OCTAVE approach.

Chapter 13 attempts to bring this home by discussing the practical applications for an organization. They attempt to discuss how a small company would utilize OCTAVE, but to be honest it's so heavy and time-consuming it's hard to see how they would employ anything but the barest of concepts to their workflow. Three other examples are given: a very large distributed organization, an integrated Web portal service provider (which faces unique threats), and large and small organizations. Again, while this chapter attempts to show how to tailor OCTAVE to anything but the largest and most diligently staffed of organizations, it falls to get to the salient points of the method. Instead, it tries to foist the process on them.

Finally, chapter 14 tries to bring it all home and discuss the information security life cycle of analysis, monitoring, control, and implementation (not in that order). They hope that OCTAVE has become a part of this process and show how it complements and matures this process. Instead, I wonder if an organization will think about the effort they just expended and be reluctant to do this again. The appendices are piles of worksheets, charts and workflows to go through with OCTAVE. You can make photocopies and use them if you implement the OCTAVE approach. It's very hard to take consider these methods strong enough when you read about the report card government agencies received for information security. While they may have not been following OCTAVE, it's hard to see how a book that so superficially treats the subject matter can help anyone do better. Almost everything is just a high-level line-item risk-and-mitigation strategy. Things like "Our organization cannot deliver effective or efficient health care without PIDS" and an impact of "High" are, to put it mildly, interesting in their superficiality. So many things are simply glossed over, yet so many worksheets remain. On the other hand, if a fair treatment of threats, assets, and the like were fully discussed the book would be many more volumes, a significantly more tedious tome, and too sensitive to the shifting sands of time.

Overall the book does a decent job of covering OCTAVE's core premises, but doesn't really provide much beyond that. It's a complex process that doesn't work well for a number of organizations. Instead of helping organizations see how to use it, the authors simply keep presenting OCTAVE for what it is, which makes me question the value of this book beyond someone who has already decided to implement OCTAVE. It doesn't seem like it has a lot to offer anyone who doesn't have a large body of knowledge in information security management and a staff to deploy with worksheets in hand. The book simply fails to contribute greatly beyond the very narrow specifics of OCTAVE.

You can purchase Managing Information Security Risks: The OCTAVE Approach from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

charliedickinson writes "Web Design on a Shoestring offers the premise that modest budgets for Web development can pay off in focused, uncluttered, appealing Web sites. Author Carrie Bickner, who took on Web development with a professional background as a librarian (she is now Assistant Director for Digital Information and System Design at The New York Public Library), eschews the nuts-and-bolts mechanics of Web page crafting for a comprehensive overview of 'project management, usability, design, copywriting, hosting, and post-launch maintenance.'" Read on for the rest of Dickinson's review. Web Design on a Shoestring author Carrie Bickner pages 220 publisher New Riders Publishing rating 6 reviewer Charlie Dickinson ISBN 0735713286 summary A broad offering of tips on how to create and maintain a Website with limited resources.

Bickner defines the audience for this book with four brief portraits of hypothetical individuals, all of whom need Web sites in a fairly low-key, resource-poor way. That is, something from the Web equivalent of an entrepreneur's business card to a non-profit organization's Web site. Although Bickner is apt to invoke "we Web professionals," this book is not really appropriate to Web creatives-for-hire (who would be better advised to seek out clients with the wherewithal to ask for something original, cool, and spendy). This book's broad scope is better suited to those with a more casual interest in Web sites, or those who have added Webmastering to other job responsibilities.

But the more I read, the more I was convinced Bickner's shoestring design theory went beyond financially embarrassed budgets. In a spirit of inquiry, I looked at two Web sites where skimpy budgets should not apply. Namely, the world's two richest persons and their employers. Microsoft's Web page is a well-wrought, complex assemblage of linked pages (though the splash page's security download du jour fairly shouts subtext). In contrast, Warren Buffett's Berkshire Hathaway's Web site is possibly more shoestring than even Bickner would advocate. The point being, even when the financial resources are bountiful, one can always, as Bickner says, "dare to do less."

One first impression of Web Design on a Shoestring is its excellent organization, an attribute librarians assume with famous pride (working in a library -- though not as a degreed librarian -- I've observed the species up close). Each chapter begins with a checklist preview. The text has ample sidebars covering budget gotchas ("Budget Threat"), saving opportunities ("Spinning Straw into Gold"), and special definitions. Plenty of screen shots (mostly from Mac OS X) and code listings visually support topics under discussion.

After the intro and first chapter set out the book's scope, Chapter Two, "The Pound Wise Project Plan," tackles how one might spec out a Web site project. This is the analytical, well-organized approach: a goal list, plus written documents for functional requirements and technical requirements. "Brainstorming," inspiration, playing with what a Web site might look like -- that's probably for another book, another author. In a book titled Web Design on a Shoestring, though, I did expect some definition, in real dollar ranges, of what constitutes a "shoestring budget."

Chapter Three, "Usability on the Cheap," is a once-over-lightly of several arguments made earlier in Steve Krug's Don't Make Me Think! One of the themes in this book, accessibility, comes naturally to librarians, who work in the public arena. Bickner offers brief, informed comments about how page navigation can work sans mouse and sans Java.

Chapters Four and Five are key to any Web site creation: copy and graphics, respectively. For the supposed target audience, I wanted to see a tutorial approach, but the book's ambitious scope appears to preclude anything other than summary discussion. "Why Good Copy Counts" covers writing style, appropriate voice, plus the need to chunk and headline text. Bickner correctly claims words are a powerful tool for elevating the status of a low-budget site. On words alone, the playing field among Web site creators is level. Moreover, words -- in digital format -- need minimal computing resources compared to other tasks like image processing.

The next chapter, "The Design: Looking Good With Less," continues with the basics of font selection and usage, the advisability of using Cascading Style Sheets for fonts and colors, and some tips on keeping graphics and artwork affordable. When it came to image editors, I thought Bickner's command to buy Adobe Photoshop (or the alternative Macromedia Fireworks) arguable: "... in the case of image editors, I am not going to suggest an inexpensive alternative; spend the money. If you skimp on image editors, your site will suffer."

Even a year before Web Design on a Shoestring's publication date, Adobe Photoshop Elements was available. I run Elements on a Windows partition--reputedly eighty-percent of the functionality of the professional version at a fraction of the price. Unfortunately, no mention is given to the open-source and cross-platform GIMP (which should not be ignored, given the shoestring premise). A major flaw of this book, for this reviewer, was the relative lack of dollar-based data to bring alive the shoestring strategy -- I need more than pictures of shoelaces to get in the spirit.

But Bickner warms up to open-source software in Chapter 7, the second longest chapter in the book. "Content Management on a Tight Budget," left me wondering, though, whether the book's audience had morphed. Yes, Content-Management Systems (CMS) have benefits, especially for concurrent authoring and version control, but I don't see individuals putting together Web sites on a shoestring budget worrying such issues. I'd speculate discussions of such CMS as Zope (Bickner uses Zope for one of her sites) had more to do with her work at keeping Web sites functional at NYPL than identifiable needs of the target audience proposed in the book's intro.

Chapter 8, the longest chapter, "Save Money and Time with Web Standards," is a fairly predictable plea for contemporary coding conventions to separate structure and presentation with XHTML and CSS. Evidently, Ms. Bickner has a personal interest in this advocacy. As she notes in the last paragraph of the chapter, "Jeffrey Zeldman is my personal favorite web standards evangelist ... his book Designing with Web Standards fills in where this chapter leaves off. I know that because as I write this book, he is sitting behind me writing his book. We don't get out much."

The last chapter, "Bang-for-Your-Buck Hosting and Domains," is a caveat emptor about finding a satisfactory host to serve up the newly created shoestring Web site. Predictably, low-ball rates do not guarantee long-term happiness.

At book's end, I concluded Web Design on a Shoestring's intriguing premise and ambitious scope made for good intentions. But the execution (spotty and thin discussions, with a paucity of dollar-based illustrative data) did not add up to a $24.99 recommended buy. (A library loan, maybe.)

If one really wants to design a Web site on a shoestring, go for the rifle, not the shotgun. Pick up Steve Krug's Don't Make Me Think! for usability and any book, new or used, by Robin Williams for Web design. I vouch for Krug and Williams because any page of their books shows the understanding and passion of a person in their gift. Reading these books generates enthusiasm the DIYer on a shoestring must have.

In contrast, rewards of reading Bickner often turn out to be, I hope, unintentional. The "easter egg" of reading Ms. Bickner's home address and home phone number in a screenshot figure showing Zope metadata. A "Definition: UNIX and Linux" I'm tempted to e-mail Richard Stallman. But it was the final paragraph that gave Web Design on a Shoestring a sweet finish:

"Shoestring design is not for the rich and famous, although shoestring designers have occasionally spun straw into gold and low-budget sites into fame and fortune. It is also not for the unmotivated or the easily discouraged. But if you keep at it, you will grow creatively and professionally in ways you never imagined. And that is something no amount of money can buy. See you in the discount rack!"

I trust Warren Buffett will never read these words.

Before joining Multnomah County Library, reviewer Charlie Dickinson was a technical writer for a publications group at Intel and elsewhere. His Web sites are "stories & more", first hatched in 1998; and "An American in Yaris" , a fledgling work-in-progress. You can purchase Web Design on a Shoestring from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

nazarijo (Jose Nazario) writes "Everyone knows that Kerberos is the biggest solution to the single sign-on dilemma. How can you get everyone using one bank of accounts on loads of machines, from UNIX, OS X, and Windows environments, and do so securely? You can shoehorn in a variety of mechanisms, or you can adopt Kerberos. However, Kerberos intimidates a lot of people, somewhat deservedly so, but also somewhat needlessly. Enter Kerberos: The Definitive Guide, one of the latest 'definitive guides' from O'Reilly." Read on for the rest of Nazario's review. Kerberos: The Definitive Guide author Jason Garman pages 272 publisher O'Reilly and Associates rating 7/10 reviewer Jose Nazario ISBN 0596004036 summary A comprehensive, cross platform guide to Kerberos

I got started using Kerberos many moons ago, at my university. This is probably how many people got to know about it. While I didn't use it very much, it's there that I learned the basics and experimented a bit with Kerberos. Interest in it took off after Microsoft incorporated Kerberos authentication mechanisms into Windows 2000. Suddenly it wasn't such arcane knowledge.

Two open source Kerberos implementations exist, the MIT reference implementation, and the Heimdal Kerberos implementation. Even then, there are two main versions which you can find, Kerberos IV and Kerberos V. Kerberos IV went away for most environments with the passing of the Y2K mark, but some legacy apps need support. So, you still have to deal with it on occasion.

In writing Secure Architectures with OpenBSD, I got a lot more intimate with Kerberos, and even set up a decently sized realm in my house. Hence, I got to experience the turmoil of setup and debugging. A book like Kerberos: The Definitive Guide (K:TDG) would have been very welcome. Instead, I slogged my way through it, and got it to work for the most part.

K:TDG will help you set up your Kerberos world by introducing you to the complex subject, terminology, and the pieces. Once you learn the basics, you recognize that a simple realm is actually somewhat easy to set up. The author, Jason Garman, uses a mixed Mac OS X, UNIX, and Windows environment, focusing on UNIX most of the time. The bulk of the examples deal with MIT Kerberos 5 version 1.3 (krb5-1.3) but should work for most versions. Some attention is given to the Heimdal implementation (which is integrated with BSD, for example), and for the most part you'll be OK. Windows examples are also pretty copious but always come second. If you're comfortable with UNIX, you'll easily be able to translate these into Windows examples to help bridge the Windows gaps.

Chapter 1 is an obligatory Introduction, a short chapter that introduces the key concepts of Kerberos and what the book will cover. A very quick comparison of Kerberos to DCE, SESAME, and earlier versions of Kerberos is given. This chapter serves as a nice selling point for the book, it's the type of thing you'd flip through in the book store to decide if you should buy the book or not.

Chapter 2 is a decent overview for the new user of Kerberos to the system and how it works. Kerberos is placed into its role in a AAA infrastructure - authentication, authorization, and accounting - as well as some caveats that are commonly made. You'll learn about core Kerberos features like tickets, realms, principles, instances, ticket granting tickets, and the ticket cache. A decent overview for practical purposes is given, but you will definitely want another resource if you're interested in diving headlong into Kerberos.

These pieces come together in Chapter 3, where the actual protocols are described. They're laid out for a non-cryptographer, so go elsewhere if you want to learn the real formal material behind the system. Understanding the protocols is important to understanding the service as a whole. For someone new to Kerberos, you'll probably want to spend a little more time reading this to get oriented in the Kerberos world. The chapter doesn't mess around too much and delivers a fair treatment of the material.

Chapter 4 is the meat of the book's material, setting up your implementation. It all starts with the KDC (key distribution center) and realm initialization. Again, the bulk of the treatment is on the MIT implementation on UNIX, with the Heimdal and then Windows sections following next. Slave KDCs are also introduced, which is useful for large environments. An OS X server is missing, but Kerberos clients for all three (UNIX, Windows and OS X) is given. The role of DNS is also explained well, a useful touch that's missing in some Kerberos documents I've used in the past. This chapter will get you started, and with some of the supplied documentation you should be up and running in no time.

Chapter 5 is devoted to troubleshooting, an all too familiar task for a new Kerberos administrator. Common problems, their diagnosis, and resolution are discussed. I like the presentation of this chapter and think it will be useful for most real-world situations you'll encounter.

Security concerns with Kerberos are covered in Chapter 6, which discusses concrete and abstract attacks on the Kerberos scheme. Since all of the security in Kerberos resides in your KDC hosts, obviously this covers some of the material. However, the clients can exposes your Kerberos realm to attacks, as well, and how to circumvent these problems is covered. A decent and practical chapter, and covered on both UNIX and Windows.

In Chapter 7 a number of Kerberos enabled applications are discussed. After all, you can do more than just log on locally with Kerberos, you can use remote login programs like SSH, remote access scenarios like printing, and even control X via Kerberos. While not every application that I would have liked was covered, the treatment was fair and should get you started with a number of Kerberos enabled tools in your new realm.

A strong selling point of the book is given in Chapter 8, titled Advanced Topics. Three main topics are discussed. The first is cross-realm authentication, where you have more than one separate Kerberos realm on your network but you want to have users switch between the two without creating accounts in the other. This can get tricky, and the book does a decent job of introducing it, but it's not as complete as it could be. The second main topic in this chapter is Kerberos 4 and 5 interoperability, which is relatively straightforward. Most Kerberos 5 implementations come with tools to process Kerberos 4 ticket scenarios to handle legacy applications. And finally, a really valuable section covers UNIX and Windows Kerberos interoperability, a hairy issue. Again, incomplete but strong enough that you should be able to get it working with some elbow grease. This is probably the most valuable chapter of the book, which does a decent job at the introductory level, but you'll be left to tie up a few loose ends on your own.

An obligatory case study is given in Chapter 9, where you can see a number of configuration samples and even a mixed Windows-UNIX environment. Not terribly useful when compared to chapters 4 and 8, but overall worthwhile. It may answer some of your questions, even. Chapter 10 wraps up the book with looking at Kerberos futures, which isn't all that useful, honestly. What gets more useful is the appendix, which gives an administration reference. Lots of commands are given for MIT, Heimdal and even for Windows, so you can quickly jump there to refresh your memory on a topic.

Overall this book is recommended if you need a place to start working on Kerberos, especially in a mixed environment. The MIT and Heimdal documents are a fair place to start for a UNIX only Kerberos realm, but if you find they aren't enough, this is probably the right book for you. The book's main strength is that it covers Kerberos on the three main platforms in use (Windows, OS X, and UNIX), although it could provide a deeper treatment to the mixed environment than it gives. Still, you should be able to use this as a starting point, and it's probably the best treatment I've seen so far on Kerberos setup and administration.

You can purchase Kerberos: The Definitive Guide from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page

Dean Wilson writes "When it comes to software development the Pragmatic Programmers are widely recognised as masters of their trade, but with the release of their award-winning Starter Kit Series they've begun to gain a reputation for writing, editing and finding book authors that are as talented as they are. Pragmatic Version Control Using Subversion by Mike Mason is an excellent example. The book itself is an introduction to using Subversion (focusing on the command-line tools), but while it clearly covers all the essentials: basic commands, tagging, branching, etc. it also delves into some of the related, but often overlooked areas of version control. When it comes to version control systems, CVS has long been the workhorse of the Open Source and Free Software movements -- but with the release of Subversion, it's time to put the old nag to rest; and this book tells you what you need to do it." Read on for the rest of Wilson's review. Pragmatic Version Control Using Subversion author Mike Mason pages 224 publisher The Pragmatic Programmers rating 8 reviewer Dean Wilson ISBN 0974514063 summary An excellent guide to version control with Subversion for developers and sysadmins

Chapters on repository layouts, integrating third party code (into your source tree and products) and conflict resolution all help raise this book from just being a single application tutorial into a best practices guide that you'll come back to long after you've gained confidence with Subversion itself.

Pragmatic Version Control Using Subversion is very similar to Pragmatic Version Control Using CVS, but this is in no way a criticism! The previous book was the best introduction to CVS that I've read, and this related volume manages to retain the winning formula while adding useful sections, such as CVS hints, to help people migrating across.

While the book has a broad appeal, the ideal audience are those developers who know they should be doing version control but have heard it's too complex, have been burnt by previous mistakes, or just don't know where to start. Seasoned developers will also find this book useful, but in different ways. For instance, using it as an easy to scan and follow reference, handing it down to less experienced colleagues, or even just for quickly bringing themselves up to speed when moving from CVS to Subversion.

Considering the book's slim size (or quick download, if you purchase the PDF version) it packs in surprisingly wide coverage of the important topics. The first two chapters provide an overview and sell the benefits of using a version control system. They cover what should and shouldn't be under version control, and clearly explain the terminology required to understand both the technology in general and the book's later chapters.

Chapters 3, 4, and 5 get you working from your own Subversion repository and introduce the essential commands. They show how to create, add and import your projects in a clear, easy-to-understand way. Once you have some files to work with, they take you through a well-paced tour of the simple operations; checking out, committing and accessing the files in different ways.

Following these, Chapter 6, "Common Subversion Commands," shows some of the more complex but essential tasks you'll want to perform in Subversion; setting properties, looking at changes and their associated history and how to handle merge conflicts. These are all presented in short sections that provide enough information to be useful on a day-to- day basis while not leaving beginners bogged down in the minutiae.

Jumping ahead slightly, we leave the part of the book that everybody using Subversion should read and move onto the more powerful, and complex, functionality such as "Using Tags and Branches" (Chapter 8) and the more abstract topics of "Organising Your Repository" (Chapter 7) and dealing with "Third Party Code" (Chapter 10).

Chapter 8 stands alone in the second half of the book due to its coverage of a very technical subject; chapters 7, 9 and 10 are more abstract. Tagging and branching are one of the more notorious areas of version control, but this book -- much like the CVS book before it -- manages to explain not only when and how to use both tags and branches, but also provides enough guidance to allow the reader to 'smell' when something's wrong and adding them would make it worse.

Chapters 7, 9 and 10 logically combine to cover the issues surrounding setting up your own project, including the project's structure, the integration of third party code, external projects, and binary libraries such as Nunit or Java mock libraries. Considering the amount of maintenance coding (as opposed to new projects) that happens in the world, these chapters might not be immediately useful to a fair chunk of the readership. I don't think they should be removed, though -- better to leave them in and show best practices and experience-driven common sense than remove them and let people make the same mistakes over and over again.

It's worth noting that the appendices are a lot more useful than the filler material typically found lurking at the back of a book -- they cover a couple of topics that don't fit elsewhere and help round out both the book's coverage and appeal.

Appendix A is more relevant to system administrators than developers. It shows how to install Subversion on the server. It then gives a brief introduction to configuring, serving (using either the native svnserve, svn over SSH or via Apache) and adding basic security to your repositories. It finishes off with a short, but useful, digression into backing up your hard work.

This appendix provides a valuable, quick guide to getting a Subversion install in place. It's a good starting point for anyone who needs to actually run and maintain a Subversion server.

The remaining appendices vary in usefulness. Appendix B is a concise introduction to migrating a CVS repository to Subversion; this is something you either need desperately or won't care about. Most of Appendix C shows how to perform common tasks using the TortoiseSVN extension for Windows Explorer; this won't appeal to the Unix/Linux crowd but might help sway Windows developers away from the hell that is Visual Source Safe.

In short, whether you're new to version control in general or just Subversion itself, this book is highly recommended. Clear, concise and crammed full of useful, important and dare I say, pragmatic, advice and information. An excellent book in its own right and a worthy addition to the Starter Kit Series.

Dean Wilson is a System Administrator at Outcome Technologies. His personal site is unixdaemon.net. You can purchase Pragmatic Version Control Using Subversion from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page

r3lody (Raymond Lodato) writes "Writing Linux applications is not a simple endeavor. The Linux operating system provides a sophisticated framework for running programs, and learning how to take advantage of that framework requires some research. The book Linux Application Development, 2nd Ed., by Michael K. Johnson and Erik W. Troan provides much of what you need to know within its sturdy covers. Pitched to the intermediate to advanced programmer, all of the basic programming APIs are covered -- some in detail, some in brief." Read on for the rest of Lodato's review of this book. Linux Application Development, 2nd Ed. author Michael K. Johnson and Erik W. Troan pages 736 publisher Prentice Addison-Wesley Professional rating 9/10 reviewer Ray Lodato (rlodato AT yahoo DOT com) ISBN 0321219147 summary Covers just about everything intermediate to advanced programmers need to interface with Linux from their applications.

The overall structure has the book divided into four major parts: Getting Started, Development Tools and Environment, System Programming and Development Libraries. Part 1, Getting Started, is a very high-level overview of Linux itself. The three chapters cover barely 20 pages, and discuss the history of Linux, its licensing, and the online documentation.

Part 2, Development Tools and Environment, gets more detailed, but ends up as a medium-level view of what tools you might use to actually create and debug your application. Six chapters covering about 75 pages discuss editors (Emacs and vi), make, the GNU debugger gdb, tracing, gcc options, glibc, memory debugging tools, libraries, and the environment. Each chapter feels a little lightweight except for the one on memory debugging tools. Here the authors dive into the common issues of buffer overflows and underruns, and the various utilities you can use to discover them. Not only the glibc features mcheck(), MALLOC_CHECK_ and mtrace(), but the memory profiler (mpr), Valgrind, and Electric Fence are discussed in enough detail to be useful.

If the first two parts seemed to just skim the surface somewhat, Part 3, System Programming, definitely dives into the deep end of the pool. Each chapter covers its topic in detail, and many code examples are given to clarify the concepts. Part 3 has 13 chapters and covers 450 pages, almost two-thirds of the total book. My major complaint with Part 3 is that related chapters appear to be separated by others. I will discuss them as I see the relationships.

Chapter 10 covers the Unix/Linux process model. Signals, job control, processes and threads are explained in detail. The authors also describe the 'gotcha's involved with setuid and setgid programs. The chapter ends with the first iteration of a sample shell program, ladsh. This shell is expanded as the book progresses to explain newer concepts. This topic should be followed by chapter 15 (Job Control), which goes into job control, including how to stop and start processes, move jobs between the foreground and the background, and handle job control signals.

Skipping back, chapter 11 introduces the file handling metaphor and how it relates to files, pipes, directories, devices, links, and sockets. It also explains inodes, file permissions, file descriptors, and the read/write/seek system calls. Chapter 13 expands on chapter 11 by discussing the advanced topics of multiple file handling, memory-mapped files, file locking, and scatter reads/gather writes. The next chapter goes over directory operations, such as handling the working directory, file name globbing, walking trees and directory change notification.

Signal Processing (chapter 12) discusses simple interprocess communication including signals and handlers. It describes the Linux and POSIX Signal API, real-time signals, and how to transmit data with a signal. Remote interprocess communication occurs over sockets. Chapter 17, Networking with Sockets, shows how to use the socket API, which can be used for IP, IPX, AppleTalk and Unix domain sockets. Michael and Erik show how to write a client and server, how to handle name resolution, the differences between session (e.g. TCP) and datagram (e.g. UDP) communications, and finish with an example tftp server.

Obviously, many programs need to interact with the user, and that's where chapters 16, 20, and 21 come into play. Chapter 16 talks about terminals (tty) and pseudo terminals (ptty) and how to program them. The POSIX termios interface is discussed in depth. Chapter 20 gives you tools to manipulate virtual consoles, which create the abstraction needed to multiplex different sessions on the same keyboard, video, and mouse. The following chapter talks about the Linux Console including text-based screen-drawing with S-Lang and curses, the terminal capabilities (termcap) and terminal information (terminfo) databases, ANSI Escape sequences, as well as direct screen writing.

Chapters 18 covers basic system calls for time/date representation and formatting and timer usage, and chapter 19 covers pseudo-random number generation and its use in cryptography. Finally, part 3 wraps up with chapter 22 discussing how to write secure programs. Common exploits such as buffer overflows and unauthorized directory traversals, and the ways you can prevent them (length checking and chroot, for example) only scratch the surface. The authors recognize this is just an introduction and refer you to another book to fill in the blanks.

The final part of the book covers the various development libraries commonly available to the programmer. The six chapters cover a wide range of topics. Chapter 23 covers the ins and outs of string handling, including processing regular expressions. A simple grep program demonstrates the ideas. Using S-Lang to handle the terminal is the main interest of the next chapter. Basic input/output handling, and line drawing using text characters seem mundane in this day and age of GUI interfaces, but they have their place. Check out a Red Hat install to see what I mean.

Chapter 25 discusses database interfaces. While gdbm and Berkeley db are better known, Michael and Erik chose to focus on qdbm, which is licensed under the LGPL, making it more attractive. Linux programmers are used to typing in commands with all of their options. Getopt and getopt_long are the standard for processing those options, but popt is detailed due to its extended capabilities, such as nested options which allow libraries to define options for them to handle which the main program can effectively ignore.

The final two chapters cover dynamic loading of shared objects (as opposed to shared libraries) with the advantages that provides, and user identification and authentication, covering id-to-name translation, and Pluggable Authentication Modules (PAM). As usual, example code shows clearly how to use the interfaces.

I know this review is lengthier than usual, but this book has so much packed within its covers, I didn't want to give short shrift to any part of it. When programming, one needs a number of reference books at hand, and Linux Application Development should definitely be one of the handiest. Just about every aspect of how to interface to Linux from your application program is covered, and the numerous code snippets and examples keep things understandable. An extremely useful book such as this deserves a high ranking. My only concerns were how the first two parts seemed skimpy compared to the rest of the book, and the part on System Programming could have been laid out better. That said, Linux Application Development rates a 9 out of 10.

You can purchase Linux Application Development, 2nd Edition from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

norburym writes "AppleScript: The Missing Manual by Adam Goldstein is part of the Missing Manual series of beginner/intermediate books published by Pogue Press/O'Reilly and Associates. This series focuses on computer products that have been released without adequate printed manuals (Mac OS X, iLife '04, Google, iPod and iTunes, Windows XP, Windows 2K, among others). I would venture that this also applies to most major software releases, which should keep Mr. Pogue, O'Reilly and their contributing authors busy for quite some time. Their newest release, AppleScript: The Missing Manual, is a welcome addition to their catalog of smart, funny and user-friendly books." Read on for the rest of Norbury-Glaser's review. AppleScript: The Missing Manual author Adam Goldstein pages 304 publisher Pogue Press/O'Reilly & Associates rating 8 reviewer Mary Norbury-Glaser ISBN 0596008503 summary AppleScript for the Beginning/Intermediate User

AppleScript mimics the syntax of English. As such, its grammar by intent should be easy for English speakers to grasp, which results in an intuitive and simple to use scripting language. However, this doesn't undermine its role as a very powerful tool for automation.

There are very few books on AppleScript, and certainly not many current volumes outside of Matt Neuburg's excellent AppleScript: The Definitive Guide (O'Reilly) for the intermediate-to-advanced scripter, and Hanaan Rosenthal's reference-type manual, Applescript: A Comprehensive Guide to Scripting and Automation on Mac OS X (Friends of Ed). But Neuburg's book is intended for the intermediate to advanced reader while Rosenthal's book is a bit extensive to be called a primer. Hence, there are few worthy contributions for the beginner. Goldstein's Missing Manual fills this gap with coverage of the current Mac OS 10.3 (Panther) release of AppleScript, including multimedia support, GUI scripting and AppleScript Studio. While the book is intended for the beginner and intermediate user, power-hounds will also find many tricks, tips and hidden tools.

The book is divided into four parts: "AppleScript Overview," "Everyday Scripting Tasks," "Power-User Features," and "Appendixes." Part One begins with the usual suspects: where to find the AppleScript folder in Mac OS X, and how to enable the script menu (and how to take advantage of the surprising number of useful scripts you'll find there). In just a few pages, Goldstein hands the reader a collection of valuable scripts that were hiding in OS X Panther all along (I particularly like the "ransom note" script). Chapter 2 introduces the Script Editor application and provides a comprehensive description of Script Editor properties, tools and preferences. After setting up the work environment and introducing the AppleScript tools to the reader, Goldstein begins hands-on scripting in Chapter 3: displaying dialog boxes, commands, commanding other programs, using tell statements and how to find and use the command dictionaries specific to the Finder and other scriptable applications. This author avoids the pitfall of overwhelming the reader with too much information, too many new concepts, and too many abstruse examples.

Part Two is the core of the book, and covers "Everyday Scripting Tasks." The seven chapters in this section run the gamut of increasing difficulty: manipulating text, controlling files, creating lists, organizing and editing graphics, playing sound and video, internet and network scripting, and organizing information in databases. The author quickly takes the reader through a series of simple scripts designed to illustrate AppleScript syntax. Chapter 4 covers variables, strings, dialog boxes, scripting applications and running scripts from text. Goldstein scripts TextEdit, the built-in Mac OS X word processor, by adding code to automatically add new text to a document, adding formatting and adding a word count. He then adapts this exercise to scripting Microsoft Word, which contains far more robust AppleScript support. The contrast is a good example of the range of AppleScript support between applications; some programs aren't AppleScriptable at all, while others offer varying degrees of support.

Chapter 5 includes a primer on file paths as an introduction to folder and file scripting (displaying and opening folders; moving, backing up, deleting and saving files). There are quite a few exercises here that train the reader in using the dictionary and becoming more adept with the AppleScript syntax.

Creating and manipulating lists is the subject of Chapter 6. It covers lists: nested lists, list commands and various ways of displaying lists. Goldstein creates a UNIX top-like/Activity Monitor AppleScript to display a simple list of running programs. This exercise leads into list processing and batch renaming which is the type of automation AppleScript excels at. Other list examples include joining, merging, inputting, and getting lists from other programs (TextEdit and MS Word are again the apps of choice). Lists are ubiquitous, and we spend an enormous amount of time organizing and sorting through them. Goldstein shows the reader how well AppleScript is suited to the task of manipulating lists quickly and efficiently.

The author moves on to another core application of AppleScript in Chapter 7: organizing and editing graphics. Graphics applications are highly scriptable, and Goldstein illustrates this with tutorials using iPhoto and Photoshop: creating new iPhoto albums, showing slideshows, color-correcting images automatically, filtering images, getting image dimensions and creating droplets. One of the most practical uses of AppleScript in this category is batch conversion of images from one format to another using Image Events. (You don't have to be a graphics professional to see how often anyone with a digital camera would make use of this script.)

Scripting sound and video apps is discussed in Chapter 8: manipulating tracks, converting song files, making your Mac speak to you and listen to you, showing full-screen QuickTime movies, rotating movies and embedding movies within scripts. For those with DVD-drive equipped Mac, Goldstein also unveils the AppleScript menu within the DVD Player app. For so many people who rely in iTunes to catalog their extensive music collection, there are very good scripts here for streamlining playing tracks, creating song ratings and performing song file conversions. The best video tip is using AppleScript to enable full-screen video within QuickTime Player, a feature normally available only if you upgrade to the Pro version.

Chapter 9, "Internet and Network Scripting," is chock-full of fun and useful scripts for Internet Connect, Safari, Address Book, Mail, iChat and Keychain. Goldstein shows the reader how to automate dial up an ISP, show Airport signal-strength fluctuations, view Web page source code, run AppleScripts from a Web page using Safari Services, use AppleScripts right in the Safari address bar, save scripts in the favorites bar, find contacts in Address Book, check for new and unread messages in Mail, create iChat controls, download and upload files, and recall passwords. The Power Users' Clinic aside is particularly interesting as it deals with using AppleScript to interact with Web Services using call soap or call xmlrpc. Goldstein provides resources and references for pursuing this advanced topic.

The final chapter in Part Two involves database scripting, including creating simple AppleScript databases and scripting FileMaker Pro databases using AppleScript to enter and sort data. Goldstein includes a nice FAQ on FileMaker's built-in ScriptMaker option.

Once the reader whips through the example scripts in Parts One and Two, it's time to get down and geeky. Part Three, titled "Power-User Features", is the section of the book for geeks and wanna-be geeks. Goldstein shoves enough advanced techniques in five chapters to make these alone worth the price of the book. Chapter 11 introduces folder actions to the AppleScript repertoire of advanced features. The reader learns how to enable folder actions, attach built-in folder actions to specific folders, view and edit these built-in folder actions and run his or her own actions. Folder actions always bring to mind Sal Soghoian's (AppleScript Product Manager and Evangelist) lectures on AppleScript and some tricks to play on unsuspecting co-workers with folder actions. For example, a clueless user double-clicks a folder to open it and it opens and immediately closes ... If you're an IT manager, sometimes you just need to break up the monotony once in a while!

Dictionaries are revisited in Chapter 12 and the author addresses the unfortunate situation when an app doesn't have a dictionary, or has such a limited dictionary that it's effectively useless. Goldstein explains how to control these programs with Mac OS X's GUI Scripting feature, System Events (to automate the clicking of buttons or typing of keys instead of using commands) and Apple's UIElementInspector to discover an object's hierarchy (a download available from http://www.apple.com/applescript/uiscripting).

My favorite chapter in this section is Chapter 13, "Mixing AppleScript and Unix." Goldstein gives a quick terminal lesson followed by a neat trick to display the Expose button ("the blob"). Other helpful actions: use do shell script to run Unix programs straight from AppleScript, run shell scripts with admin privileges, run AppleScripts from Unix thus saving time by bypassing the Script Editor and schedule commands (use an AppleScript to run cron every day, use iCal to schedule scripts). Even users who normally shy away from the terminal will want to try some of these.

Chapter 14 is titled "Testing and Debugging Scripts," and offers some advice and tools to handle errors that show up when you compile a script. Goldstein offers a handy table of common compiler errors and likely causes, error handling tricks (using a display dialog command and the log command) and tips on avoiding typical scripting errors like infinite loops, coercions and nonexistent items.

The author closes this chapter with a brief introduction to Xcode: how to download it, install it and use it to debug your scripts. Xcode is a much more powerful tool than Script Editor and therefore has better features and options for debugging. The reader should probably choose to revisit this section after the chapter that follows, on AppleScript Studio, where Xcode is handled with a bit more depth.

The final chapter in the book is "AppleScript Studio," where Goldstein creates a simple "SpeakToMe" project that contains a dialog box for typing in text, a pop-menu menu with Mac OS X system voices and a button labeled "Speak." This chapter is a very brief nod to AppleScript Studio (Xcode and Interface Builder) but gives the reader a taste for what application building with control over the GUI is all about. This is enough to pique the reader's interest and provides enough hands-on experience to engender confidence in using these tools.

Part Four contains the Appendix A through C: "AppleScript Support in Common Programs" (a very useful set of tables of applications, their level of AppleScript support, price and where to get them), "Moving from Hypercard to AppleScript" (options and advice for converting Hypercard stacks to AppleScript and major syntax differences between HyperTalk and AppleScript), and "Where to Go from Here" (AppleScript sources: Web sites, discussion lists and books).

The Missing Manual series uses a nice layout style with a "soft" look; the pages have black tabs on light gray margins that identify the chapter topic and dark gray sidebars. Screenshots are enhanced with a shadow effect that raise the graphic off the page in a visually appealing manner. The notes, tips and boxed asides (Gem In The Rough, Workaround Workshop, Power Users' Clinic, etc.) are relevant, concise and often contain an element of humor; they don't detract at all from the flow of reading the main text. Each chapter has a gentle reminder that example scripts can be found on the Examples CD disk image that can be downloaded from the Missing Manual web site (http://www.missingmanual.com). References to definitions, tips, hints and other topics are indicated with a page number, not the usual "somewhere in the depths of chapter x". The Web site for the Missing Manual series (http://www.missingmanual.com) contains a link to "Missing CD-ROMs" where readers can download free and shareware applications described in the book series. For this particular book, the author has made a disk image available containing all the sample scripts used in the text examples. Errata can be found at O'Reilly's site (http://www.oreilly.com/catalog/applescripttmm/ind ex.html).

This book is eminently satisfying on many levels: the writing style is conversational and humorous (I would imagine this is a pre-requisite for writing for David Pogue), the style of this book series is consistently pleasant to read and the level of technical difficulty satisfies the range of readers from beginner through power-user. The "valuable information:price" ratio is, hands-down, in the buyer's favor.

A final note about Adam Goldstein, the author of Applescript: The Missing Manual: he is the teenage founder of GoldfishSoft (http://www.goldfishsoft.com), a Mac OS X games and utilities software company (my 7 year-old son loves AlgeKalk and FrakKalk, geek that he is). By "teenage," I mean Adam Golstein is 17-ish. He began contributing to this Pogue/O'Reilly series several years ago by writing a few sections of Mac OS X Panther Edition: The Missing Manual (FileVault, journaling and Disk Restore). I suspect we'll be hearing a lot more from Mr. Goldstein, and I'm looking forward to it.

Mary Norbury-Glaser is an IT Director at a University of Colorado Health Sciences affiliate center in Denver. Working in a multi-platform academic environment dominated by Windows boxes, she sometimes feels like the Mac Maytag Lady. You can purchase Applescript: The Missing Manual from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Despite a growing interest in the field, books on game design can be jargon-filled textbooks too intimidating for the average game player. Raph Koster's A Theory of Fun for Game Design takes an entertaining look at a subject that has, in some ways, been taken too seriously by other authors. The book is thoughtful as well, providing a groundwork for a discussion of games as learning tools, art, and societal shapers. Read on for my thoughts, and some commentary from the author, on this distillation of a designer's viewpoint. A Theory of Fun for Game Design author Raph Koster pages 244 publisher Paraglyph Press rating 9 reviewer Zonk ISBN 1932111972 summary Game design as examined by a skilled craftsman, with a unique look at the larger context of games. Raph Koster speaks often on the subjects of game design and interactive narratives. A Theory of Fun for Game Design is an approachable version of the larger body of writing and speaking Koster has produced in his years of design work. Its unusual accessibility is clear as soon as you open the book: while the left-hand page page contains text and observations, the right hand page makes (sometimes snide) commentary on design via comics drawn by the author.

Mr. Koster kindly agreed to answer questions when I was preparing this review. When asked about the audience of the book, he said "The book was intended in large part as something I could give to my parents, or to other relatives, or to non-industry friends, as a way to explain what it is that my profession is all about." As such, the comics and plain-spoken writing bring design concepts into focus for readers who may not want to spend the rest of their lives on these topics.

The chapters of Theory of Fun are not organized formally, but the book seems to fall into three sections. The first section sets the stage by discussing what exactly a game is. "Games are puzzles to solve, just like everything else we encounter in life." Koster's thesis is, essentially, that games are learning puzzles. In his experience, simple games are created by children to teach themselves useful skills. More formal games have similar goals, but modern games exist almost entirely to provide the elusive substance of fun to the player. This assertion resulted in a brisk discussion on the site Terra Nova. Exactly what people want when they pick up a joystick is very much in debate even by industry professionals.

The central portion of Koster's theory ruminates on the roles games play, why games are designed the way they are, and what matters in a game. The meat of the book is here, in discussions about why gamers cast aside the ethical quandaries brought up by games like Grand Theft Auto (they're playing the game mechanics, not the fiction surrounding the mechanics) and in the observation that the destiny of all games is to become boring. An amusingly astute statement about cheaters caps off a discussion of the tendencies players have to finding the optimal solution to a game: "When a player cheats in a game, they are choosing a battlefield that is broader in context than the game itself.&quot

At the end of the midsection, the eternal discussion of games as art makes an appearance. Instead of equivocating, Mr. Koster makes his opinion very clear. "Art, to me, is just taking craft seriously. It's about communication (as I have said many times, in the book and elsewhere). Taking what we do seriously, *even if for frivolous ends,* just leads to better work. Considering what you are doing to be art tends to emphasize high standards, experimentation, expression, thoughtfulness, and discipline -- even if your goal is to make a gag-a-day newspaper strip or macrame hangings for your window."

To close his discussion on games and to provide a larger context against which to examine them, Mr. Koster steps outside the bounds of game design and makes some fairly dramatic statements about what games should be. While other media portrays the human condition almost as a matter of course, he argues, games rarely connect with the most basic aspects of our lives. To his mind, in order to truly achieve respect alongside the novel or the musical composition, games should "illuminate aspects of ourselves that we did not fully understand."

In his epilogue, Koster goes even further, arguing that -- as authors of art -- game designers should take responsibility for their creations. "I have little patience for those who hide behind the statement that 'it's just entertainment.' To deny our influence while simultaneously crowing about our financial success is at best naïve, and at worst irresponsible."

The book itself is well laid out, with the thoughtfully edited and often humorous text set amid plenty of whitespace on the right and the usually well-drawn comics on the left. The comics set the tone for the whole book, which in format resembles more of a collection of Far Side strips than it does a technical guide. The back of the book contains an extensive commentary section where offhand references and asides are explained in depth.

If you're planning on entering the field of game design, A Theory of Fun won't help you to storyboard a plot, model a texture, or develop a code base: if you're looking for the technical aspects of game design or deep academic consideration of the field, other titles will hold more for you. The intended audience of this book is quite wide, and Koster does an excellent job of making everyone feel included in the conversation that occurs between the pages. While game players and professionals new to the field alike can get a lot from what he discusses, the reader who may benefit the most from Theory of Fun is the seasoned game industry worker.

With the endless rehashing of game and design concepts currently in circulation and parent groups growing ever more shrill at the release of morally ambiguous titles, Raph Koster's book is a refreshing read. The book is an unpretentious examination of what it is that makes a game a game. He steps beyond the dehumanizing aspects of game mechanics to look at games and their designers in a broader societal context. If for no other reason that that, Theory of Fun is worth a look to read the opinion of someone who gives a damn.

You can purchase A Theory of Fun for Game Design from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

ThinkMagnet (James Mitchell) writes " Blink: The Power of Thinking Without Thinking is Malcolm Gladwell's foray into the study of intuitive decision-making. The author, a former Washington Post science and technology writer, reveals his journalistic background in his narrative style. His assertions are based on recent scientific findings, but are always presented as a story. This makes good conversation fodder, but can frustrate readers who prefer direct presentation of scientific arguments." Read on for the rest of Mitchell's review. Blink: The Power of Thinking Without Thinking author Malcolm Gladwell pages 288 pages publisher Little, Brown (January 11, 2005) rating 8 reviewer James Mitchell ISBN 0316172324 summary This book discusses in narrative style the mechanics of subconscious snap decisions.

First, Gladwell introduces a concept called "thin-slicing." This involves the human brain's critical reduction of information to make predictions about complicated systems. For example, a system developed at the University of Washington can predict with 95% accuracy whether a couple will be divorced within fifteen years, based entirely upon one hour of observed interaction.

Next, Gladwell discusses analogous ways the human brain uses thin-slicing to make subconscious snap decisions. Interestingly, this rapid decision-making process can easily be primed by external influences. External influences affect more decisions than many people care to admit; these factors form the basis for snap judgments and first impressions.

Gladwell relates a study of how well a subject's personality was evaluated either by strangers who visited the subject's dorm room for fifteen minutes or by friends that knew the subject well. Friends were more accurate about extraversion and agreeableness, but the strangers were better at gauging conscientiousness, emotional stability, and openness to new experiences. Thin-slicing isn't always correct; it depends on having the right information.

Superficial traits can be used to the advantage of an actor trying to project a particular characterization. Similarly, an authority figure can dress and behave in a particular fashion to influence subordinates. Warren G. Harding made overwhelmingly positive first impressions throughout his political career, although he is considered by historians to be one of the worst American presidents. Despite his consistently lackluster performance, his attractive bearing and appearance camouflaged his shortcomings.

On the other hand, by understanding the fallibilities of intuition, one can influence others' unconscious decision-making processes and be more aware of influences on one's own intuition. People can control and develop their intuitive decision-making skills. For instance, a successful car salesman would never be distracted by the appearance of a customer to the detriment of a sale. A portion of the book discusses physiological tests that reveal the strength of stereotypes in subconscious decision making by measuring reaction times.

Having defined the capabilities and limitations of intuitive decision-making, Gladwell spends a chapter focusing on spontaneity through the story of General Paul Van Riper and Millennium Challenge '02. A technologically advanced military with a vast array of information collection and "common operational picture" was pitted against a less technologically capable adversary led by General Van Riper. Much as David defeated Goliath, Van Riper's force inflicted staggering losses on his information-gorged enemy. His victory illustrates the utility of pre-arranged structure (such as "commander's intent" or "desired endstate") to empower subordinates to make spontaneous decisions. The fog of war couldn't really be defied, but decision makers could be trained to cope well with uncertainty.

The latter parts of the book discuss how intuitive decision-making can fall short. Humans' senses and subconscious minds can be negatively affected in stressful environments where stimuli are distorted and thin-slicing can easily go awry. Gladwell takes examples from recent developments in police procedures designed to avoid situations that adversely affect law enforcement personnel. For instance, many departments make their officers patrol individually. Without partners, they are more likely to wait for backup before entering dangerous situations. The author also performs a detailed deconstruction of the Amadou Diallo shooting in New York City. He concludes that the tragedy was not a product of conscious injustice, but simply a chain reaction of impaired snap decisions made within seven seconds of violence.

Overall, Blink makes for a quick read and is sure to stimulate conversation. Its premise is simple, and it contains ample food for thought. Its discussion of priming the intuition with particular stimuli and impaired "thin-slicing" provides a useful tool in deconstructing human behavior. The strengths and weaknesses of intuition-priming and thin-slicing are useful knowledge for any professional decision-maker.

You can purchase Blink: The Power of Thinking Without Thinking from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

norburym (Mary Norbury-Glaser) writes "The third edition of Build Your Own Database Driven Website Using PHP & MySQL is written by Kevin Yank, Technical Business Director for sitepoint.com, a popular online resource for Web development. Updated for PHP 5 and MySQL 4 in this edition, Yank has put together an easy-to-follow, hands-on tutorial using the tools and techniques necessary to build a functional database-driven Web site. Many Web designers don't have deep knowledge and experience in data coding but want to get started serving up dynamic Web pages. This book gives designers and beginning coders a concise introduction to PHP and MySQL and quickly brings the reader to the page-creation stage." Read on for the rest of Norbury-Glaser's review. Build Your Own Database Driven Website Using PHP & MySQL author Kevin Yank pages 359 publisher Sitepoint rating 8 reviewer Mary Norbury-Glaser ISBN 0975240218 summary Using PHP and MySQL to Build Your First Data Driven Website

Yank starts with the basics of MySQL and PHP installation on Windows, Linux and Mac OS X systems (he notes PHP 4.3 differences as well), and walks the reader through his first PHP script (no, not "Hello World!"). This first chapter is well written, with step-by-step instructions and shell script examples. It will help even a newbie feel comfortable with the process, and encourage him or her to move on to the rest of the book.

Chapter 2 focuses on relational databases and SQL queries. This chapter is not an in-depth study of RDBMs, but rather an extremely brief overview of the concepts involved in order to introduce the reader to command line interaction with MySQL. A simple database is begun that will be used in later chapters.

Basic syntax and commands of PHP are covered in Chapter 3 (statements, variables, operators). There are a lot of simple examples here that clearly demonstrate the elemental concepts of PHP. Yank uses forms, user interaction and control structures (if-else, while loop, for loop) to illustrate some easy methods of data access and user interaction with PHP.

Chapter 4 combines the two previous chapters' concepts into the beginnings of a working data-driven Web site. Yank shows the reader how to use PHP to connect to a sample MySQL joke database ("A man walks into a bar....Ouch."). He introduces sending SQL queries with PHP (mysql_query, delete, insert, update), handling SELECT result sets and inserting data into the sample ijdb (Internet Joke) database.

Chapter 5 is devoted to relational database design, and expands the one-to-one relationship to many-to-one, one-to-many and many-to-many relationships, this chapter teaches the reader how to join data spread between tables into one resultant set. This chapter is not meant to deal comprehensively with the complexities of relational database design. Indeed, the author gives an extremely brief nod to the inherent informality of his approach and references other resources for deeper study. Yank's intention here, as with the entire book, is to use relevant real-world examples to illustrate the simpler types of relationships a beginner will experiment with and how to deal with complex data and table issues with good design practice.

The next chapter presents content management and restricted-access database administration without relying on the command line (a few hints on protecting pages with appropriate access restrictions are in the introduction to this chapter but aren't dealt with in any depth until Chapter 12). Chapter 4's mention of forms is revisited here, and forms are used to manage, add, search for, edit and delete data.

At this point, the reader will have designed a database, organized the data into categories, created Web pages to display the data to site visitors, and prepared pages for administration of the data. The HTML is separate from the data, thereby relieving the Webmaster from the onerous and constant task of having to refresh pages with content. Here, in Chapter 7, the reader learns to format and submit content without resorting to hand-written HTML by using PHP functions (Yank covers the more standardized POSIX regular expressions, not PCRE). Code examples for string replacement, boldface and italic text, paragraphs, hyperlinks and splitting text into pages are included. The last bit of this chapter is dedicated to automatic content submission and has a nice design note about creating a visible column to the joke table where newly submitted jokes are handled as a No value, which allows review by a content manager before being posted.

This leads well into Chapter 8, "MySQL Administration (backing up, access control, checking and repairing data files)." Yank explains mysqldump and the use of update logs to create a practical backup-management scheme. He also covers using the myisamchk utility to check and repair MySQL data files. Basic MySQL access control using GRANT (creates new users, assigns passwords and adds user privileges) and REVOKE (the reverse of those functions) is included in this chapter as well, along with some tips and tricks to prevent access control problems.

Chapter 9 "gets back to the fun stuff" with Advanced SQL Queries (sorting and GROUPing SELECT results, setting LIMITs, LOCKing TABLES, aliases, LEFT JOINs and Limiting results with HAVING) giving the reader a well rounded sense of the versatility and scope of SQL in general and the SELECT command in particular.

Yank veers from textual data in Chapter 10, "Binary Data" (image files, encryption keys, programs for download) and shows the reader how to deal with working with files in PHP, handling uploaded files in PHP, storing and retrieving binary data in MySQL and learning when to use semi-dynamic pages to lighten the load on server performance in the process.

Chapter 11 deals with creating persistent variables, and offers an excellent description of cookies and sessions in PHP. I like Yank's figure "the life cycle of a cookie," which shows a graphical representation of a PHP-generated cookie. Yank rounds out the chapter with a simple shopping-cart example that consists of PHP scripts handling a product catalog and a checkout page (very real world).

The final chapter of the book is titled "Structured PHP Programming," and focuses on techniques for organizing code in order to simplify management (using include files, writing your own functions and streamlining code within Web pages). Yank gives a lot of sensible advice here, and his approach is not preachy. He brings up many important pitfalls that developers fall into: too much code, difficulty of finding what you need, understanding how it works. As this is a beginner's book, I would say that good design, good technique and good sense go a long way and should be stressed at the start of anyone's career in coding.

Build Your Own Database Driven Website Using PHP & MySQL, 3rd Edition runs only about 350 pages with a clean, easy-to-read page design, comfortable typography, lots of script boxes and screen shots. The appendices cover MySQL syntax, functions and column types and PHP functions for working with MySQL. Errata can be found at sitepoint's Web site, and I can't stress enough the value of checking these out before delving into any technical or instructional book: the frustration level goes way down if you know in advance that there's a typo, or a step missing!

This is a beginner's book with the essential tools and techniques that will get anyone started with serving up their first dynamic Web site. The tutorial approach of this book makes it easy for any reader to follow the step by step instructions. Yank manages to cover pretty much every topic necessary to provide the reader with a clean overview of the topic. It's a quick read and gives the reader encouragement and enough knowledge to move on to more complex volumes on the subject. This book provides a great first step for the beginner."

You can purchase Build Your Own Database Driven Website Using PHP & MySQL from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

barryhawkins writes "When sharing with others that I was reviewing an O'Reilly book through their User Group & Professional Association Program, the first question was always the same: 'What book are you reviewing?' After saying the title was Understanding Open Source & Free Software Licensing, responses ranged from 'What's that?' to 'Well, you won't have any trouble sleeping!' One might think that this list of people included relatives and coworkers who were not attuned to the open source community and its issues. On the contrary, the responses came from those within my circle of acquaintances, which includes software developers, system administrators, and even an intellectual property lawyer. Licensing is not exactly the sort of topic where people slide forward in their seats and ask to be told more. Such is the appeal of software licensing; however, the importance of understanding licensing, particularly within the context of open source development, cannot be overstated." Read on for Hawkins' review. Understanding Open Source & Free Software Licensing author Andrew M. St. Laurent pages 208 publisher O'Reilly rating 8 reviewer Barry Hawkins ISBN 0596005814 summary A worthwhile introduction to open source licensing

Those familiar with the O'Reilly product offerings have no doubt seen or purchased one or more their Pocket Reference series. These are not comprehensive references, but rather convenient guides for a specific topic to provide the sort of information one is not likely to have committed to memory, particularly as the trend of having cross-disciplined technologists continues. This book could be considered the analog of such pocket guides for open source and free software licensing. Open source licenses and their legal interpretation, though, easily warrant a "pocket reference" that is a full-sized book of nearly 200 pages.

Frankly, reading through a software license and maintaining a reasonable level of comprehension is a rather tough job. The author manages to make the task far more bearable and fruitful at the same time; a difficult balance to strike. The pace of the annotation works well to break up the various licenses (twelve in total) into bite-sized chunks. Chapters 2 and 3, which address the Apache/BSD/MIT family of licenses and the GPL/LGPL/MPL family of licenses respectively, each end with a section titled "Application and Philosophy" that serves as a sort of reward for making it through the license and establishes a touchstone to summarize and provide meaningful context for what has been covered.

The annotations of the different licenses are a great introduction, but the book should not be considered a complete reference for open source licensing issues. The book seems to affirm this at points where the author indicates that particular topics fall outside the book's scope, even to the point of recommending experienced legal counsel for certain issues. It also has a wonderful collection of footnotes and reference to other resources to allow the reader to flesh out topics of interest beyond the focus of this work.

One subtlety of the book that should not be missed is how the history of the open source movement is woven throughout the book to provide the context in which these licenses came into being and were modified to accommodate the vibrant, emerging world of open development models. The book's last two chapters bring that context to the foreground, fully developing the consequence of the licenses in daily development activity. It is far too easy to view these licenses and as mere legal documents that exist in and of themselves; the author reminds us that these licenses are the manifestations of a spirit of selfless contribution and work toward social good made possible by the considerable sacrifice of quite gifted individuals. For those passionate about the open source and free software movements, the section of chapter 7 titled "Models of Open Source and Free Software Development" is a poignant and stirring encapsulation of the first years of the GNU and Linux projects and the work that brought them into being. The cliché rings true; we do indeed "stand on the shoulders of giants."

The number of editorial errors involving misspelled and/or missing words seemed relatively high; this is a trend that seems to have developed in technical books in recent years, to a point that the technical community has come to accept it as some sort of side effect of the rapid pace with which books must be produced in order to keep pace with the rate of change. Given that this is an issue present in other works as well as this one, it should not particularly count as a mark against the work, but rather serve to underscore an issue publishers should consider improving.

Understanding Open Source & Free Software Licensing strikes a balance between completeness of subject matter coverage and manageability of size. Given the amount of attention the average open source user or developer has given to licensing, reading this book would be a considerable improvement. This book is recommended for a couple of audiences. First, it serves as a great foundation for developers either active in or contemplating participation in open source development. Searching most any open source mailing list for the term "license" can usually turn up some of its hottest flame wars. If most developers had this introductory level of understanding about the main open source licenses, hundreds of message threads arguing about licensing could be avoided.

A second audience for this book is the project manager and/or CTO in most corporate IT shops. Most corporate projects are making use of numerous open source libraries and frameworks. This is particularly true with J2EE, but also with .Net as a number of .Net counterparts to popular J2EE resources arise, e.g. NAnt, NUnit, etc. This book can dispel unnecessary apprehension regarding the use of these libraries that often arises from fear, uncertainty, and doubt (FUD) propagated in much of the mainstream technology media. It can also equip managers to make informed decisions about team members' potential contributions to open source projects and the potential legal implications.

You can purchase Understanding Open Source & Free Software Licensing from bn.com. (You might also be interested in Peter Wayner's review of Lawrence Rosen's book on the same topic, Open Source Licensing .) Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Bruce Lawson writes "I've read a lot of CSS books, but this one is the one I wished that I'd read when I was learning, and I suspect that other slashdotters may concur. It is firmly pitched at the coder rather than the designer, takes you from CSS virgin to upper intermediate level, with good attention to the process of (re)designing with CSS, legal issues such as Accessibility (section 508), and assumes that you're not scared of mark-up." Lawson offers this disclosure: "I should immediately disclose that I've worked for two different companies that have published the author, Rachel Andrew, but I have no connection with the publishers, or this book." Read on for the rest of his review. The CSS Anthology: 101 Essential Tips, Tricks & Hacks author Rachel Andrew pages 380 publisher SitePoint rating 8 reviewer Bruce Lawson ISBN 0957921888 summary Structured Q&A guide for CSS beginners

Author's credentials

Andrew is a long-term member of the Web Standards Project (WaSP) and programmer, technical project manager, technical team leader/senior developer and webmaster, according to her own bio.

Who's the book for?

The book's subtitle is somewhat misleading. There probably are 101 tips'n'tricks (I didn't count) but it's not the random miscellany that it implies. The information is structured so that a n00b could become proficient by reading the book from start to finish (I tested this out on a colleague). The tips'n'tricks structure does allow you to find what you're looking for in a hurry. The table of contents is easily scanned, and there is an excellent index.

The book doesn't offer advice on how to sex up the beauty of your site. That's fine for me; my current work involves replicating someone else's designs using xhtml and CSS, and as a coder I'm pathologically unable to design the type of showcases that you see at the CSS Zen Garden. A graphic designer might therefore find this book hard work; it jumps straight into a discussion of syntax, and there's occasional geek-directed statements (CSS supports multi-line C-style comments). Similarly, if you're completely new to html, this book probably isn't for you; there's lots of references to pre-CSS ways of working which could potentially be mystifying. Unusually for CSS books, there's a refreshing lack of polemic telling you why you should use style-sheets. If I read another history of the browser wars in a technical book, I shall scream.

So the book's constituency would seem to be those who know how to present information via html, and wish to take advantage of the smaller filesizes, greater flexibility and logical separation of the presentation layer from the mark-up that the (x)html/ CSS combination offers. The logical purity is my personal reason for moving to Web Standards; the trauma of writing text processing applications with VAX Fortran in the late '80s left me with the propensity to weep when I see html as sorely abused I mangled dear old Fortran.

Are you sitting comfortably? Then I'll begin.

Anthology kicks off in the conventional way for CSS books - controlling fonts and colours, styling hyperlinks, headings and the like. Each chunk is structured as a problem (How do I remove the indented left margin from a list?), a solution and sample code, and generally a discussion of related applications of the code, compatibility issues, accessibility notes etc. This is a pretty compact method of explication, and the basics of styling, syntax, pseudo-class order and the like are romped through in 40 pages, but not glossed over. The key to this is that Anthology assumes you know what you want to do, and shows you how to do it.

Chapter 4 (Navigation) is where the real meat begins - making navigation menus that are solely html unordered lists (because a menu is logically a list of links) and styling with CSS, adding rollover effects, styling navigation as buttons, changing the styling to a horizontal navbar, or even Amazon-style tabs without changing the mark-up. I suspect that, although these are techniques that can be found in most CSS books, the brevity and simplicity of the explanation will be revelatory to many. Chapter 5 (Tabular Data) may come as a surprise to those who mistakenly believe that web standards disallows the use of html tables, as it shows how to style tabular data - the examples are a spreadsheet and a calendar. Chapter 6 repeats the trick with that most mundane aspect of web development, the form.

Chapter 7 (Browser and Device Support) is about real-world CSS development. Unlike most books which instruct you to test in loads of browsers and leave it at that, this chapter lists all the main permutations of OS and browser (including tips on installing multiple versions of IE/ Win), and begins discussion of the tried and tested hacks to hide styles from Netscape 4, IE etc. All of this information is available on the web -- but for a newbie who isn't yet aware that it's possible to hide styles from certain browsers, it's a great way to introduce them to the murky practices of real-world CSS development. What's also refreshing in a computer book for n00bs is a discussion of how to seek help on lists and forums, with a guide to etiquette.

Chapter 8 (CSS Positioning and Layout) is where the stuff that stumps many a table-based designer begins. Along with fonts and colours etc, CSS can lay out the stuff on your page. I'm unsure about the success of this chapter; the Q&A structure is great if you're looking to build one of the sites that are explained (and the list is pretty comprehensive), but I came to the chapter hoping to cure a couple of bugs I'd found in a project I'd previously semi-successfully laid out with absolute positioning (A.P.).

Generally, I layout using floats as I also write the html, so it's easy to ensure that the markup spits out <div>s (sections) in the left-to-right, top-to-bottom order that I want to lay them out in. Suddenly, I had two projects that required A.P. for the first time, as it was not cost-effective to change the way that the client's CMS spat out the markup, so AP was required to position sections on the page regardless of where they appeared in the markup.

Anthology served me fine until I tested the page in IE and the layout was off. Nothing in the book gave me any pointers, and in the end I gave up Googling and just used a hack which exploits an IE parser bug to serve different co-ordinates to IE, after finding the hack co-ordinates through trial and error:

#APthing {position:absolute; top:34px; left: 758px; width:108px; height:88px;}
* html #APthing {position:absolute; top:19px; left: 785px;} /*for IE */

OK, so there may be a simple mistake I'm making -- but then, as far as absolute positioning goes, I'm the kind of newbie at whom this book is aimed, and I imagine that others will make the same mistake that I did. If the book had explained where I was going wrong, or given me the above hack, I'd've spent less time with Google and more time with Guinness.

Chapter 9 (Experimentation, Browser Specific CSS and Future Techniques) is successful, except for one small gripe. I'm glad that the author, although a member of the Web Standards Project, isn't an uber-purist. (I'm of the opinion that a little invalid code, if it's the only way to get the job done, isn't a hanging offense). So she shows how to implement IE-only proprietary CSS that can make colourful scrollbars, should you wish to do this. There's also a Mozilla-only CSS trick to allow curved edges to CSS boxes, which I implemented on my homepage that very evening.

However (here's the gripe), the most useful technique shown is one which allows fully-CSS flyout menus that don't rely on JavaScript. The author notes that it won't work for most people, as IE incorrectly restricts the hover pseudo-class to <a> tags only, while the CSS requires hovering over <li> elements.

Well, Yes and No. There's a well-documented and elegant hack which allows a proprietary Microsoft behaviour to be attached to the CSS that attaches a small JScript that corrects the IE bug, and thus allows this extremely useful CSS-only flyout menu to work in IE. I've used the technique myself when required to mimic the look and feel of a client's site while making it DDA/ADA accessible, and it works perfectly. To me, the omission of the IE hack from Anthology is an unfortunate oversight.

Summary

There's a couple of flaws in the book, though I suspect that in order to explain them, I've over-emphasised them. All in all, it's a solid, professional no-B.S. way for someone with a code-oriented mind to get them up to speed, satisfactorily and quickly; a motivated reader could be churning out standards-compliant, bandwidth-friendly sites after a few hour's experimentation. Ordering the book from the publisher's website was a good experience and, unusually, they have a money-back guarantee. As I said, I wish that I'd had access to Anthology when I was learning.

You can purchase The CSS Anthology: 101 Essential Tips, Tricks & Hacks from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Craig Reynolds writes "In his recent book Artificial Intelligence for Computer Games: An Introduction , author John Funge takes us on a whirlwind tour of techniques from the literature of academic AI research and discusses their application to the nuts and bolts of game AI programming. While some of these topics are quite advanced, the text remains easily readable and grounded in what the techniques mean to real game programmers developing real game AI." Read on for Reynolds' review. Artificial Intelligence for Computer Games: An Introduction author John David Funge pages 160 publisher A K Peters rating 8 reviewer Craig Reynolds ISBN 1568812086 summary Written for game AI programmers, this book provides a practical introduction to advanced AI techniques and practices for constructing sophisticated non-player characters.

Funge's background includes both academic AI research and commercial development of game AI technology. This has allowed him to write a refreshingly practical book for the game AI programmer which will also expand the reader's knowledge of AI. He presents advanced AI research in a way that is meaningful to the working game AI programmer. Non-player characters (NPCs) are the focus of this book, although it touches upon techniques applicable to other kinds of AI. Funge begins with a simple NPC architecture, then goes on to consider how they act in their world, perceive and react to their surroundings, remember their past experiences, plan their actions, and learn from the past to improve their future behavior. In addition, Funge hopes his book will contribute to a "common framework and terminology" to promote better communication between practitioners interested in game AI, leading to better interoperability for their software. (Please note that John Funge is a friend and former coworker of mine. I was pleased to accept John's invitation to review his book.)

The field of Artificial Intelligence has been actively studied since the 1950s. In that half century many useful techniques have been developed and applied to a broad range of scholarly and commercial applications -- most quite serious and sometimes a bit dry. In contrast, today the most economically significant application of AI is in computer games. This commercial application motivates today's students to study AI and drives a good deal of academic AI research. Modern games have incredible graphics and their animation technology is becoming very sophisticated. As graphic animation increasingly becomes a solved problem, more and more attention is being paid to game AI. It seems likely that the next few years will see a tremendous investment in game AI technology leading to significant improvements in the state of the art.

As I read Funge's book I was struck by how oriented it was to the interests of AI programmers working on commercial games. Certainly the discussion focused on the practical rather than the theoretical. (There are many asides, footnotes and citations of the academic literature for those with an interest in pursuing the theory.) More concretely, the text is peppered with fragments of C++ code. A working programmer who visits the academic literature is often faced with the daunting task of converting prose, equations or breezy pseudo-code into something suitable for compilation. If a reader of this book does not follow a bit of the discussion, a glance at the nearby C++ code listing will usually set things straight. I have it on good authority that functioning source code for the examples in the book will appear on the www.ai4games.org website "soon."

The book is divided into seven chapters (Introduction, Acting, Perceiving, Reacting, Remembering, Searching, and Learning) plus a Preface, two appendices, an extensive Bibliography and an Index. The chapter on "Acting" introduces the simple game of tag used as an example throughout the book. It further sets the stage by describing the principal components of the game engine and the AI system. The third chapter, "Perceiving," introduces percepts -- the formal framework used to encapsulate and manipulate an NPC's awareness of its world. In many games a key concept is filtering out information which is available in the game state but should not be "known" by the NPC. Chapter 4 describes reactive controllers. Funge uses a very strict definition of reactive -- informally, it means a non-deliberative controller, but in this book the term is used to mean strictly stateless. This distinction has a practical consequence since a stateless controller can be shared among multiple NPCs. (Yet I wondered how important this was in practice. That point was not explored in any depth, and a "slightly stateful" reactive controller can be very useful.) The chapter on "Remembering" introduces memory percepts, mental state, beliefs and communication between NPCs. The sixth chapter covers "Searching" -- through trees of possible future actions, often referred to as planning. The extensive treatment of search includes both examining the host of options that are available to an NPC at each juncture, as well as reasoning about the interaction of one NPC's behavior with another, known as adversarial search. The final chapter covers "Learning." It looks at both offline learning (which happens before the game is shipped) and online learning (happening during gameplay). The first is merely an aid to game development, the latter promises NPC that can adjust to the player's skill and style of play. Online learning present many more technical challenges. In fact, my first impression on reading this section that it was less practical than the rest of the book because of the difficulties of online learning. However, from the description of this GDC 2005 lecture, it appears that Funge and his colleagues have made significant progress in this area.

I recommend Artificial Intelligence for Computer Games: An Introduction to commercial game AI programmers, as well as other game programmers and designers who wish to learn more about this area. Because of its sound academic underpinning, the book will also be of interest to students of artificial intelligence and to professionals in related areas such as agent-based simulation and training.

Reynolds is a Senior Research Scientist in the R&D group of Sony Computer Entertainment America. His interests center on modeling behavior of autonomous characters, particularly steering behaviors for agile life-like motion through their worlds. See his page on Game Research and Technology. You can purchase Artificial Intelligence for Computer Games: An Introduction from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

r3lody ((Raymond Lodato) writes "Java was developed to be a cross-platform language. In other words, it shouldn't matter what processor or operating system you used, just the language itself. Write Once, Run Anywhere is the slogan, and an admirable ideal to attempt to reach. So when I first saw the title of the book Java Application Development on Linux, I expected to find descriptions of some idiosyncrasies in the Linux environment that affected the Run Anywhere part of the equation. What I got was a lot more." Read on for the rest of Lodato's review. Java Application Development on Linux author Carl Albing and Michael Schwarz pages 600 publisher Prentice Hall rating 9 reviewer Ray Lodato (rlodato AT yahoo DOT com) ISBN 013143697X summary An eminently readable book covering all you need to develop commercial-quality Java programs on a Linux platform.

The authors, Carl Albing and Michael Schwarz, chose to create a book that is a complete guide to writing commercial-quality Java programs. With the burgeoning presence of Linux, they focused on how to use the tools of the Linux platform to assist in the creation and maintenance of Java programs. They have broken the book up into five major parts: Getting Started, Developing Business Logic, Developing Graphical User Interfaces, Developing Web Interfaces, and Developing Enterprise Scale Software. Each chapter is self-contained, and the knowledgeable reader can pick and choose what they would like to read without losing track. Carl and Michael have properly started each chapter with a summary of what you'll learn, and conclude with a What You Still Don't Know section. A Resources section is included to give you more references for further study.

Part 1, Getting Started, provides a 10-chapter overview of Linux, Java, the SDK's (Software Development Kits) from Sun and IBM, version control via CVS, and IDEs. The first two chapters cover enough command-line Linux to manage your files and directories, plus the Vi editor to create and edit your programs. Chapter 3 gives you a summarized but complete overview of the Java language (minus the standard classes), and Chapter 4 covers how the program can deal with the context in which it's running. The next two chapters cover Sun's SDK and (mainly for comparison) IBM's development kit. In some instances, the Java program may be so large and/or so complex that running the byte codes in the Virtual Machine may not be quick enough, so Chapter 7 describes how to use the GNU Compiler for Java (gcj) to create native-code programs.

Larger programs definitely need some form of source control (actually, any project larger than a classroom exercise needs it), so source control using CVS is clearly laid out for you. While other products are available, CVS (Concurrent Versioning System) is widely available, robust, mature, and reliable, so the authors chose to describe its use in detail. For building and deploying the numerous files of a larger project, Ant provides value beyond what the make facility can offer, especially with the RMI (Remote Method Invocation) dependency problems that make can't address. Finally, Integrated Development Environments are covered. While Carl and Michael focus on NetBeans, SunONE Studio Community Edition and Eclipse are also covered.

If the book stopped after Part I, you would still have a valuable addition to your bookshelf. However, it continues with a five-chapter discussion on how to properly develop business logic. One chapter is totally devoted to the business aspects of getting requirements, documentation, and buy-in. The next covers how to use a simple software development methodology to analyze the program and discover the objects to be created. The following chapter goes over a frequently overlooked aspect of programming - automated testing - with JUnit. The last two chapters of Part II cover storing data in databases using Oracle, PostgreSQL, and MySQL, and using the Java Database Connector (JDBC) to access them.

While Linux users (at least the older ones like me) are more used to command lines, most users want some form of a graphical user interface (GUI) to access the program and their data. Chapters 16 and 17 describe how to create a GUI using Swing and the Standard Widget Toolkit (SWT).

By far the most popular way to access programs is via a browser. Java Servlets are (maybe not so) little programs that run on the targeted web server, relieving the user of having to install an application on their local computer. This allows the user to always have access no matter which machine they're on (how many times have you complained that the program you want is on the PC where you're not?), and to always be accessing the latest version of the software (assuming the web administrator keeps it updated on the server). Chapters 18 and 19 cover Servlets and JSP (JavaServer Pages), then Chapter 20 describes Java-based web application servers (JBoss and Geronimo) for serving the servlets.

Finally, Part V covers Enterprise JavaBeans (EJBs) in what the authors describe as an almost criminally brief introduction. While it is definitely an overview, they still cover more than enough about EJBs to get you rolling, and provide many references to where you can fill in the blanks. They wrap up the book with a plea for help. The book is an Open Content book, and therefore they are requesting comments, suggestions, and patch files to help improve the text and examples.

I have to admit that Java Application Development on Linux is an extremely readable, very informative, and deep without being lengthy book. (The only complaint I have is that they tried to cover a little too much in a single book. EJBs, for instance, definitely warranted more coverage than they provided.) Carl and Michael use a very conversational tone, just as though they were sitting with you and giving you their personal attention. I found it enjoyable, interesting, and highly informative.

You can purchase Java Application Development on Linux from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Eli Singer writes "The web is stripping away the layers of insulation between companies and the public by giving everyday people access to massive amounts of information. Increasingly companies are finding themselves like the emperor naked and exposed. Don Tapscott, long time tech author ( Digital Capital , Growing Up Digital and Paradigm Shift ), and co-author David Ticoll ( Digital Capital ) say in their latest book, The Naked Corporation: How The Age of Transparency will Revolutionize Business , that when a corporation is naked, it is best to be buff." Read on for the rest of Singer's review. The Naked Corporation author Don Tapscott & David Ticoll pages 348 publisher Viking Canada rating 8/10 reviewer Eli Singer ISBN 0670043982 summary A guide to acting ethically in our digitized business world.

The need for a transparency strategy, as described by Tapscott and Ticoll, is born out of the massive exposure and risk companies open themselves up to when they conceal activities from the public, or live by poor values. As they say:

Customers can evaluate the worth of products and services at levels not possible before. Employees share formerly secret information about corporate strategy, management, and challenges. To collaborate effectively, companies and their business partners have no choice but to share intimate knowledge with one another. Powerful institutional investors today own or manage most wealth, and they are developing x-ray vision. Finally, in a world of instant communications, whistleblowers, inquisitive media, and Googling, citizens and communities routinely put firms under the microscope.

Using basic tools available online, interested parties and activists can discover a companys darkest secrets and publish them to the world - instantly. Transparency theory states that because the corporation risks being stripped naked in ways it cannot control, it needs to be buff. Firms that live by good values (video) do not fear exposure.

Some firms and industries still opt for secrecy in our transparent world and they often end up paying a price for it. That is because when there is little to no visibility into how firms are operating (no transparency), there is very little trust built with customers. Low trust stifles innovation and can instill fear. This in turn creates conflict as companies try to stay closed and stakeholders try to break free.

Some stakeholders community activists, nongovernmental organizations (NGOs), and the like have little or no direct power over the firm. Their main tool is transparency: the ability to learn, inform others, and organize on the basis of what they know. When community stakeholders use information to gain support of others who do have economic power like the firms customers, shareholders, or employees their power multiplies.

One example, referenced repeatedly in the book, is the Linux community. There are so many transparent elements to Linux, from the inspiration behind its conception (an alternative to closed-source software), to the GPL that keeps it open, and the overall integrity of the software and the community that develops it.

Linux's transparent nature is quickly becoming a standard component of the technology industry. In fact, what could be a better endorsement of transparent business practices than IBM shifting its business strategy to embody open values? Big blue has donated millions of dollars of once proprietary code to the open-source community, and hosts massive developer forums that blur the borders between paid developers and the community. This is all done with the objective of making IBM more transparent to its stakeholders.

The Naked Corporation is a fascinating read filled with the ideals that businesses should aspire towards this century. What makes it most enjoyable to read is that Tapscott and Ticoll ground their concepts with real-world case examples, many of them technology related.

The book is divided up neatly into three sections.

The first, The Transparency Imperative, takes three chapters to thoroughly introduce the concept of transparency, and the structure of open enterprises. Most interesting is the first chapter (available free here), which identifies and explores independently the drivers behind transparency economics, technology, demographics (the power of the Net Generation), and sociopolitical changes (the rising global civil foundation). This is a rich and inspiring study, and the authors fuse their findings at the end of the chapter, stating that:

As emerging economy firms and citizens become integrated into the global economy, they will increasingly expect and gain the ability to demand visibility into Western firms business practices Both emerging economy and Western firms will be under increasing pressure to practice what they preach about open trade and level playing fields, as well as to behave responsibly toward people and the environment.

The second section, When Stakeholders Can See, illustrates just how much information employees, partners, customers and communities can discover about a firm. Given that we live in a knowledge economy, companies cannot block information from becoming free. The ultimate exposure of poor business practices is not a question of if anymore, but of when. The whistleblowers at Enron are proof.

Section three, Being Open, teaches companies about the rewards earned by being transparent. Up until this part of the book, transparency was viewed as a defensive strategy. Now transparency is re-introduced as a core source of new value a firm can tap into. Like IBM is doing now, companies can earn massive profits by adopting a more open stance.

In addition to being a great read for managers, I believe this book should be on the reading lists of members of NGOs, activist groups, and socially responsible corporate watchdogs. This is because in outlining the need for businesses to adopt a transparency strategy, Tapscott and Ticoll also create a blueprint for how to expose opaque organizations.

The drawback of this read, quickly obvious to the reader, is that transparency, ethical business practices, and corporate social responsibility are all such new theories that few know how to effectively apply them. Then again, when thinking about the Web in its infancy, talking about the new possibilities was the first step to the future we have now.

You can purchase The Naked Corporation from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

SDurham writes "Americans love trivia. From the bookish facts of Jeopardy! to the daily dose of ESPN Sportscenter, trivia is as much a part of our pop culture as hot rods or baseball. Few sources contain as much fact (or trivia) as the Encyclopaedia Britannica, and in The Know-It-All, A. J. Jacobs chronicles his attempt to read this collection of knowledge. At 33,000 pages, Jacobs' task is not one to be taken lightly. Jacobs manages not only to complete this challenge, but to weave an engaging account of his year-long obsession in Know-It-All." Read on for Durham's review. The Know-It-All: One Man's Humble Quest to Become the Smartest Person in the World author A. J. Jacobs pages 369 publisher Simon & Schuster rating 7 reviewer SDurham ISBN 0743250605 summary An account of a single-minded approach to mind expansion.

Jacobs is certainly suited to his task. A former editor at Entertainment Weekly and now a senior editor at Esquire, Jacobs' day-to-day work brings him into contact with a variety of American obsessions. After the first few chapters, however, it becomes clear that this is more than an account of consuming such a massive amount of information. The book is divided into chapters based on each section of the Britannica, and Jacobs' tale unfolds under headings that link his reflections to related Britannica entries. These reflections begin to reveal several themes that emerge throughout the book: Jacobs' struggle to match, or at least come to terms with, his father's accomplishments, the ongoing attempts of Jacobs and his wife to become parents, and the nature of intelligence and intelligent people.

Know-It-All reads easily, and Jacobs has a knack for humorous writing. Throughout the book Jacobs encounters a wide array of interesting, if not mildly eccentric, individuals. From Mensa members to the actual editors of the Britannica, Jacobs successfully humanizes many people normally viewed as stiff or uncharismatic. He tries to glean bits of wisdom as he goes, and these encounters best transmit Jacobs' message.

One recurring character in Jacobs' life often appears as his nemesis. Jacobs' brother-in-law Eric is described as a thoroughly knowledgeable Mr. Perfect, whose career -- from an Ivy League education to the U.S. Foreign Service to Wall Street -- constantly antagonizes Jacobs in some small way. With his newly acquired Britannica knowledge, Jacobs searches for ways to finally one-up Eric.

In one early encounter, he tries to apply what he has learned about aerodynamics in a tennis match against Eric. These encounters rarely end as Jacobs hopes, but they almost always provide humorous interludes between Jacobs' more serious discussions about the Britannica and its contents. This is not an overly serious book, however; Jacobs manages to infuse his humor into almost every entry in the book.

One theme within Know-It-All that is more serious in tone follows Jacobs and his wife's attempt to become parents. Even in this area of Jacobs' life he tries to apply his rapidly growing Britannica knowledge. Jacobs notices a plethora of fertility gods and goddesses as he reads through each volume, and the couple adopts a new one each week as a sponsor. Julie, Jacobs wife, describes herself as a 'Britannica widow' during Jacobs' project because of the hours he spends reading. It is in Julie that Know-It-All becomes a successful book. While readers may scoff at Jacobs' neglect of his wife (as he portrays it) during his project, the relationship between the two raises Know-It-All above a simple intellectual pursuit.

A surprising number of typographical errors are scattered through the book. Surprising, because Jacobs is an editor, and the book is clearly meant to appeal to an inquisitive, intelligent audience. These errors do little to detract from the overall experience of Know-It-All, however, and it is a solid, worthwhile read. For anyone who finds himself answering TV trivia questions in his head, or enjoys browsing through all sections of a bookstore, this book is a fun weekend read.

You can purchase The Know It All: One Man's Humble Quest to Become the Smartest Person in the World from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

charliedickinson writes "Some of the most computationally-intensive tasks around are real-time valuations of derivative securities. Wall Street traders need these for executing the trade whenever anyone wants to hedge stocks, bonds, currencies, commodities, credit, mortgages, power ... the list goes on. Emanuel Derman's My Life as a Quant is the engaging odyssey of a theoretical physicist turned serious programmer (by way of Bell Labs), turned "rocket scientist" or "quant" (Wall Street slang for the folks who've taken computer-aided design and valuation of financial products to new levels these last two decades)." Read on for Dickinson's review of the book. My Life as a Quant: Reflections on Physics and Finance author Emanuel Derman pages 292 publisher John Wiley & Sons, Inc. rating 9 reviewer Charlie Dickinson ISBN 0471394203 summary Autobiography of a theoretical physicist turned serious programmer, turned Wall Street quantitative finance wizard

A complete understanding of Derman's work as physicist, or as finance theoretician, is of course beyond the scope of a memoir. This reviewer studied quantum mechanics in college and took an MBA at UCLA (more about this later) -- adding to my interest in the memoir's technical discussion -- but Derman reasonably pitches his discussion toward a lay audience with many helpful visuals to describe less obvious mathematical relationships. Do not let the perceived arcana of Derman's work keep you away from this memoir.

Emanuel Derman came to New York City in 1966 from Cape Town, South Africa. He started a Ph.D in theoretical physics at Columbia, somewhat in awe to be studying among a cluster of Nobel Laureates. As a teenager, Derman had hopes of being another Einstein if he stayed with physics. But as he notes, time decay happens to ambition. Seven years after earning his Ph.D, he was happy to be an employed postdoc, sharecropping his knowledge of particle physics to willing bidders.

The job market for theoretical physicists continued south. Family responsibilities, his wife's career as a biologist, and iffy prospects for a tenured teaching position --these all added up to Derman abandoning his love of physics, and going to work for money at Bell Labs.

There, Derman fell in love with programming (lex and yacc being two favorite tools). During five years, he built compilers and designed a nonprocedural language, HEQS (Hiearchical EQuation Solver), a precursor to Visicalc. But he never quite adjusted to the politics of Bell Labs, and by 1985, Wall Street was beckoning.

Executive recruiters sought out high-value programmers like Derman. He took a position with Goldman, Sachs in the Financial Strategies Group and began modeling options. It was a good fit. He found himself using sophisticated modeling techniques comparable to "doing physics." Moreover, he soon would collaborate with another Goldman, Sachs employee, one of the most influential theoreticians around: Fischer Black, whose Black-Scholes option pricing model (1973) is a benchmark in the field.

But My Life as a Quant is more than technical discussion; it's also a human interest narrative. The chapter "Easy Travel to Other Planets," about Fischer Black, is worth the price of this book. With compassion and honesty, Derman evocatively portrays his genius mentor. Derman shrewdly assesses what the arc of his life has meant. He shares vulnerabilities, decisions made from the weakness of loneliness, for example. Or, in a self-deprecatory vein, faux pas he committed. He's around Nobel Laureates in both physics and economics, and while noting such illustrious company can at times seem self-serving, the overall effect remains an engaging, complex self-portrait.

One idea about the world of quants Derman dispels is that derivative securities are wholly computer-driven. Despite more computing power on Wall Street, Derman asserts human imagination still leads the way. It takes a Fischer Black to intuit the qualitative to set up the quantitative model. Modern computational tools, however, aid the visualization such creative work thrives on.

As an example of the foregoing, and on a personal note, this reviewer remembers derivative security analysis circa 1969. While pursuing an MBA at UCLA, I did grunt work for a private hedge fund, run out of a Westwood apartment. Technology then was a time-sharing computer terminal and a telephone. The fund strategy was to short warrants and go long on the underlying common stock, where arbitraging opportunities were identified, a strategy borrowed from earlier work by Edward Thorp and Sheen Kassouf. My job was simple: I charted historical price data on clear acetate sheets in colored inks for all outstanding warrants against the underlying stock.

I drew hundreds of graphs, assisted in part by an Israeli graduate student (who had fought in the 1967 Six-Day War). I can't recall his name, but remember that when I'd drop by with more price data, ready to take away graphs, he invariably offered toast and coffee. One morning, I brought yet another roll of graphs to the Fund manager's apartment/office. Steve met me outside, saying he'd just got off the phone with Paul Samuelson at MIT, who wanted to know what our graphs looked like. Samuelson had written an article on warrant pricing, Steve added, which was why he was interested in what we turned up. I knew Samuelson as the author of an economics textbook I'd used a few years earlier.

Another morning, when I motorcycled over to drop off charts, Steve again was outside. He said, "Shelton and Markowitz are here." Professor John Shelton had hired me, of course, but I had no idea who Markowitz was -- he evidently did unspecified work with Shelton. Inside, I was quickly introduced to Harry Markowitz, who unrolled my graphs, becoming immediately absorbed. "Let me get a gestalt on this," was all he said. I didn't know then I was in the same room with the inventor of Modern Portfolio Theory. Now I can say he would see something that maybe a Fischer Black, or, these years later, an Emanuel Derman, might see. When he looked up, he said I did good graphs. I never saw him again.

Years later, I felt honored the low-tech grunt work my Israeli colleague and I labored over had interested those two men, Samuelson and Markowitz. They both received the Nobel Laureate in Economics (1970 and 1990, respectively). My point being -- and I'm sure Derman agrees -- it's not great computers that make breakthroughs in the financial theory. It's great imagination plus the tools at hand! (Obviously, though, computers have changed much of the grunt work.)

For me, My Life as a Quant summoned personal memories, but the odyssey of Emanuel Derman from South Africa to Wall Street is a rewarding memoir for anyone with even a casual interest about how the world of finance is being re-imagined. Emanuel Derman didn't really go to Wall Street to get rich. This memoir is a testament to his true passion in life, whether in theoretical physics, in software programming, or in the modeling of derivative securities. He always wanted interesting problems to work on.

You can purchase My Life as a Quant: Reflections on Physics and Finance from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Ben Rothke writes "When most people think of forensics, television shows like Quincy and CSI come to mind. Where such shows deviate from reality is the unrealistic speed at which the actors are able to identify, apprehend and prosecute the perpetrators. In the real world, (unlike television, where the crime must be solved by the end of the family hour), crimes are solved with slow, deliberate and methodical steps. The prodigious incidence of digital crime has elevated computer forensics to a critical role within the field of information security. The focus of computer forensics is twofold: first is the attempt to determine whether a breach has occurred and to stop the perpetrator; second is prosecution of the offender, if the breach was a criminal activity." Read on for Rothke's review of Forensic Discovery. Forensic Discovery author Dan Farmer & Wietse Venema pages 198 publisher Addison Wesley Professional rating 10 reviewer Ben Rothke ISBN 020163497X summary Forensic Discovery overview

Security luminaries Dan Farmer and Wietse Venema wrote one of the first vulnerability scanners (SATAN) almost 10 years ago; SATAN was the precursor to ISS Scanner, Retina and nmap. Venema wrote such well-known security applications as the TCP Wrapper program and the Postfix mail server. Farmer and Venema's new book Forensic Discovery is a valuable book that grounds a computer-savvy reader in the world of digital forensics.

An image of a pipe by artist René Magritte is on the cover with the caption Ceci nest pas une pipe. ("This is not a Pipe.") The picture demonstrates that an object exists on many planes; the simple recognition of the picture initiates the belief that we are seeing something, but it is only known in representation. Surrealist painting and digital forensics coalesce in that the digital forensic investigator must think broadly and unconventionally in order to reconstruct an incident, all the time keeping in mind that often what initially seems obvious is neither real nor correct.

The material in the book is an outgrowth of a one-time seminar the authors gave in 1999 on digital forensics and analysis. At the seminar, Farmer and Venema rolled out The Coroner's Toolkit (TCT), a collection of tools for gathering and analyzing forensic data on a Unix system. TCT is heavily referenced throughout the book.

The book initially seems thin, at just 198 pages, but there is no filler and the information is presented in a fast and furious manner. Part one of the book comprises 35 pages and is an introduction to the foundations of digital forensics and what to look for in an digital investigation.

Part two (chapters 3-6) is the nucleus of the book, which quickly gets into low-level details about file systems and operating system environments. While other forensics books focus exclusively on the discovery and gathering of data; Forensic Discovery adds needed insight on how to judge the trustworthiness of the observation and the data itself. Again, the idea is that not everything is as obvious as it may initially seem. An effective investigation often requires intense analysis, where meaningful conclusions take time.

Chapter 4, "File System Analysis," notes that while computers have significantly evolved since their inception, little has changed in last 30 years in the way that file systems actually handle data.

Chapter 5, "Systems and Subversion," is particularly interesting as it deals with system startup and shutdown, from a forensics perspective. The chapter shows that there are thousands of possible opportunities to subvert the integrity of a system without directly changing a file during startup and shutdown. A crucial decision that must be made during an incident is whether to shut down the system or let it remain on-line. There are advantages and disadvantages to each approach, and the book details them.

Part three (chapters 7-8) is about the persistence of deleted file information. The authors' research reveals that data can be quite resistant to destruction. The book shows that a huge amount of data and metadata can survive intended deletion as well as accidental damage.

Forensic Discovery is unusual in that other books on forensics are often nothing more than checklists and step-by-step instructions on what to do during an incident. Forensic Discovery provides a broad framework on the nature of data and how it can be recovered for forensic purposes. By understanding the underlying operating system, the act of analyzing and dealing with a security breach becomes much easier.

The book's target reader is anyone who wants to deepen his understanding of how computer systems work, as well as anyone who is likely to become involved with the technical aspects of computer intrusion or system analysis. The topics are too advanced, to make it the right book for the novice system administrator. For the technical reader, though, Forensic Discovery is one of the best computer security books published in the last year. The value of the information is immense, and the extensive experience that the authors bring is unmatched.

You can purchase Forensic Discovery from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

prostoalex (Alex Moskalyuk) writes "Anywhere from 26% to 40% of U.S. employees refer to their work as stressful or very stressful. So it's not too surprising that the business motivation and self-improvement market, which includes books, courses, training seminars, etc. generates $5.7 billion a year. David Allen is the author of Getting Things Done, which on its cover promises the Holy Grail of business management -- stress-free productivity." Read on for the rest of Moskalyuk's review. Getting things done author David Allen pages 288 publisher Penguin rating 9 reviewer Alex Moskalyuk ISBN 0142000280 summary The art of stress-free productivity

Allen's idea is to first look at the sources of stress. Whether you're working a cushy corporate job, are self-employed, or are still in college, what makes you feel frustrated and stressed? Unless you have had some major disasters in life, the answer will probably rotate around having too much to do and too little time to accomplish all the tasks. Moreover, people around you don't seem to realize how pressed for time you are as they keep coming up with every possible way to interrupt you.

Business people like to talk about multi-tasking. It fills one with feeling of self-importance, since it's obvious that if one multi-tasks, then he or she is involved in multiple projects, failure on most of which would probably result in the end of human civilization. But as Allen points out (his site contains a promotional WMV/QuickTime video), multi-tasking requires you to persist a bunch of projects (most of them unfinished) in your head.

If you count the time you spend on each actual project, and the time you spend switching between the projects, you'd be surprised how much time is spent on the overhead of going from one project to another. Basically (although Allen doesn't express it in these terms) we all would like to be Knoppix, with everything kept in RAM (our brains), nothing relegated to the hard drive (paper or information-management software), multi-tasking at its best. But as anyone would tell you, Knoppix can be quite resource-intensive, and you do not exactly get screaming speeds with it. We're all wired up like early DOS - single-tasking with everything else assigned to external storage, best at doing one thing at a time, if we're to do it well.

Allen develops a system to deal with projects and everyday interruptions accompanying them. Does the issue that came up require less than 2-3 minutes to respond to? Is it returning a call to confirm the dental appointment or e-mail to another developer saying you agree with his suggestion and would approve of it? If it takes you less than 2-3 minutes, do it right away. Do not file it under "Later," do not postpone it until lunch, because your brain keeps track of this stuff, and this unfinished while loop will be running in your brain, even if consciously you do not think about it every minute. In other words, keep the RAM clean.

Allen advocates the 3-D model, where the Ds stand for "Do it," "Delegate it," "Defer it" and advises all projects and small tasks to be processed in that order. The "Do it" part was described above for the tasks that take just a few minutes. The author promises you'd be surprised how much can be achieved by following this simple rule. At the same time, if the project just requires your approval, and you'd pass it to someone else after that, delegate it. But get it off your mind right away, because it's not yours and thus cannot occupy the precious RAM space. Delegate it -- send the e-mail, fax it away, or transfer it to another person in your organization. And if it's definitely a long task and it needs to be done by you, then defer it to the time slot when you're sure you can sit down and do it (by the time you get rid of all the doable and delegable, you will find yourself with plenty of time left to important projects).

Allen is pretty good at pointing out the various excuses that we come up with to excuse our lack of productivity. The rules sound simple, even simplistic, but that's the key to the efficiency of his system. I liked the author's approach, and adhering to his system seemed to bring a relaxed attitude into my daily schedule, since now I don't have a guilt trip over concentrating on a single task and refusing to multi-task. You can read an interview with an author at About.com. There's also an article about the methodology in Fast Company magazine with descriptive title You can do anything - but not everything. I would recommend this book to anyone who feels stress after work or someone who feels they are not at the top of their productivity and spend too much time doing inessential things.

In his spare time Alex enjoys reading business and technology books. He also keeps a list of free books for readers on a tight budget. You can purchase Getting Things Done from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

norburym (Mary Norbury-Glaser) writes "If you own the first edition of this book, then it's probably dog-eared and well thumbed-through, so now's a good time to upgrade to this extensive volume, Practical Guide to Red Hat Linux: Fedora Core and Red Hat Enterprise Linux, second edition. This book covers Fedora Core 2 (2.6 kernel) and Red Hat Enterprise Linux version 3 (2.4 fork version with 2.6 kernel features) and includes Fedora Core on four CDs, which comprises the complete release. Mark G. Sobell accomplishes what many fail at: he has successfully crammed a huge amount of information into one volume in a compact, perfectly readable manner. This second edition serves two audiences, the end user and the administrator, and consequently combines two topics that easily could have filled separate books: Fedora Core and Enterprise Linux." Read on for the rest of Norbury-Glaser's review. Practical Guide to Red Hat Linux: Fedora Core and Red Hat Enterprise Linux (2nd Edition) author Mark G. Sobell pages 1136 publisher Prentice Hall PTR rating 9 reviewer Mary Norbury-Glaser ISBN 0131470248 summary Practical Guide to Red Hat Linux: Fedora Core and RHEL

The book is separated into parts: Installing Red Hat Linux, Getting Started with Red Hat Linux, Digging into Red Hat Linux, System Administration, Using Clients and Setting Up Servers, Programming, and Appendixes. Each part is further divided into chapters including Linux Utilities and Filesystem, GUIs, Shell, Networking/Internet, Files, Directories, Downloading/Installing Software, Printing with CUPS, Rebuilding the Linux Kernel, Admin Tasks, Configuring a LAN, OpenSSH, FTP, sendmail, NIS, NFS, Samba, DNS/BIND, iptables, Apache, Programming Tools, Regular Expressions, Security and many others. Clearly, Sobell takes great pains to address every aspect of Linux that the end user or admin would encounter. Sobell has also taken several steps to make sure the book works as a reference work: he's structured the layout with identifiers (Fedora or RHEL) to enable the reader to identify the OS he or she is mainly interested in, optional sections with more difficult concepts that can be skipped until the reader is more competent to address them, caution boxes that provide warnings about troublesome areas, tip boxes with interesting information or alternative suggestions, security boxes, many practical examples, chapter summaries, review exercises, resources, GNU tools, pointers to online documentation and URLS. There is also a glossary with cross-references to other terms and chapter page numbers.

After a Welcome To Linux chapter that introduces the reader to the history of Linux/Unix, GNU and why everyone should use Linux (an understandable inclusion, but probably of little interest to current Linux users), we move quickly into a brief overview of installation. A scant 50 pages is dedicated to installation, but Sobell covers the necessary particulars with sufficient depth that even a beginner should feel comfortable with these instructions. I approached this book from an administrator's perspective so felt the time and detail devoted to installation was completely appropriate; neither too much nor too little information presented. Experienced users can easily skip this section and not feel they've lost any significant amount of their investment by doing so; at over a 1000 pages, this book has plenty for everyone. It's interesting to note that the author chooses to lead the user through installing KDE instead of GNOME, Red Hat's default desktop manager, although both are addressed in detail in Part III.

Part II introduces the reader to Red Hat, Linux utilities (ls, cat, rm, cp, grep, head, tail, sort, diff, echo, script, mcopy, gzip, gunzip, zcat, tar, which, whereis, apropos, who, finger, write, talk, vim), the Linux filesystem (mkdir, cd, absolute and relative pathnames, rmdir, mv, cp, access permissions, hard links, symbolic links) and an intro to the Shell (the author's choice is bash). Both graphical and command line utilities are discussed; system admins in particular should become familiar with the command line choices.

Part III covers Linux GUIs (xwindow, startx, remote computing, GNOME, KDE) and more bash (basics, separating and grouping commands, redirecting standard error, parameters and variables) in depth, and gives an introduction to networking and the Internet (types of networks, network protocols and utilities, ping, traceroute, host and dig, distributed computing, usenet). This leads smoothly into Part IV, System Administration. This is a meaty chunk of the book, with well-written core information (core concepts, files, directories and filesystems, downloading and installing software, printing with CUPS, rebuilding the Linux Kernel, Admin tasks and LAN configuration). Sobell introduces the reader to installing and updating using Red Hat's RPM system and updating via Yum and Apt. An especially nice addition here is Chapter 15 on Rebuilding the Linux Kernel. Often glossed over or ignored completely, this is an exercise that should be included in any decent Linux volume and Sobell doesn't disappoint.

Part V continues the administration learning curve on Using Clients and Setting Up Servers. Chapters include OpenSSH, FTP, sendmail, NFS, Samba, DNS/BIND and Apache. Probably every advanced user to administrator should take some time over the OpenSSH chapter; it contains great information, start with, but more importantly is positioned as a prerequisite to further secure network communication instruction.

These chapters should provide more than adequate instruction for anyone running Apache, Samba or mail services for the first time. However, somewhere in here a primer on PHP/mySQL and additional email server choices (other than the discussed sendmail) would be welcome.

Programming tools and a revisit with bash comprise Part VI. Programming in C, using shared libraries, debugging, system calls and CVS are covered in Chapter 27. Chapter 28 continues with additional bash commands and concepts (control structures, string pattern matching, filename generation and functions), utilizing many short script examples. There's an excellent section on CVS and very useful information on compilers.

The Appendixes and glossary round out the book with helpful information on regular expressions (characters, delimiters, special characters, bracketing expressions), help (finding Linux-related information, documentation, Linux sites/newsgroups/mailing lists, software, office suites and specifying a terminal) and security (encryption, file/email/network/host/login/remote access/physical security, viruses and worms and security resources).

Also included in the appendixes is the Free Software Definition, which is a verbatim copy of the original document on the GNU website, and a description of features new to the 2.6 kernel.

Since I'm in an educational environment, I found the content of Sobell's book to be right on target and very helpful for anyone managing Linux in the enterprise. His style of writing is very clear. He builds up to the chapter exercises, which I find to be relevant to real-world scenarios a user or admin would encounter. An IT/IS student would find this book a valuable complement to their education. The vast amount of information is extremely well-balanced and Sobell manages to present the content without complicated asides and meandering prose. This is a "must have" for anyone managing Linux systems in a networked environment or anyone running a Linux server. I would also highly recommend it to an experienced computer user who is moving to the Linux platform.

You can purchase Practical Guide to Red Hat Linux: Fedora Core and Red Hat Enterprise Linux, second edition, from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

Ben Rothke writes "In Outsource: Competing in the Global Productivity Race , Edward Yourdon examined the plight of displaced workers who find their jobs outsourced to cheaper workers overseas. The reality is that American technology jobs are being outsourced by the tens of thousands, with no end in sight. Workers who once envisioned a bright future now only see grim possibilities. In a fascinating book, Business Under Fire: How Israeli Companies Are Succeeding in the Face of Terror - and What We Can Learn from Them, author Dan Carrison focuses on a different sort of crisis resulting in lost jobs: terrorism." Read on for Rothke's review. Business Under Fire: How Israeli Companies Are Succeeding in the Face of Terror and What We Can Learn from Them author Dan Carrison pages 256 publisher AMACOM rating 10 reviewer Ben Rothke ISBN 0814408397 summary Businesses learning to cope with a depressed economy and violence can find unexpected lessons in adversity.

Since the revival of the Palestinian intifada in October 2000, hundreds of thousands of jobs have been lost in Israel -- a situation made worse by the NASDAQ meltdown of the same period. With an Israeli population of only 6.2 million, these lost jobs have had a catastrophic effect on the economy.

As a management consultant, Carrison wondered how any company, let alone an entire economy, could survive in an environment ravaged by terrorism and a recession. He questioned -- from a business perspective -- how businesses in Israel were able to stay viable in such a chaotic and destructive environment. He concludes, after spending time in Israel and interviewing many business leaders there, that even with all of the terrorism the Israeli economy is surprisingly robust.

Without getting into the politics of the middle-east conflict, nor taking sides, the book shows both technology and business managers how they can deal with the most adverse of situations.

Carrison interviews a cross section of CEOs and managers from industries hurt the hardest; namely tourism, hotel, hi-tech and biotech. What emerges from all of the stories is that every manager claims that the intifada not destroyed his company, but has actually made it a leaner and more efficient organization and one that will be ready to go into overdrive when normal economic times resume.

The five chapters have the same format: interviews with CEOs and senior directors, and a checklist for managing a business under fire. Each interviewee offers his own observations and strategies on how to deal with the current situation and work towards future growth. These strategies run from redefining the market, sharing the risk, to contingency plans and more.

One significant difference between Israel and America is demonstrated by the way Israeli citizens deal psychologically with terrorism. In an interview with financial consultant Danny Halpern, Carrison asks how many people would rent office space in the World Trade Center in New York City, were it completely rebuilt and reopened tomorrow. Halpern doubts the World Trade Center would have the same occupancy level as before 9/11. But he notes that in Israel, office are repopulated after they are bombed, and customers frequent bombed cafes and restaurants as soon as they are repaired.

Another telling difference that Halpern observed is that in Israel is more concerned with the quality of security, whereas in the U.S., more is invested into the mechanics of security. In the U.S., because of the huge numbers involved, the investment in security by default is in the mechanics, and the system. With that, minimum wage workers are hired to carry out what are supposedly important security functions.

The hotel industry has been hit hard. Hotels operate with large staffs, and require high occupancy rates to break even (roughly 75 percent). Carrison interviewed a number of hotel managers who saw their occupancy rate average about 25 percent. By any account, those hotels should have closed its doors and declared bankruptcy. But what happened is that the hotels discovered many correctable inefficiencies. In fact, Raphy Weiner, General Manager of the five-star Daniel Hotel, noted that he learned how inefficient the hotel had been before the crisis and "we'll never go back to the old way. The intifada has been a school for us."

The lesson that American IT managers can take from Weiner are that even the most adverse situation can be a fulcrum for change. Those in danger of having their jobs outsourced -- a significant number of us -- can take those lessons to heart, and hope that their managers and CEOs do too.

Carrison found that every manager had been challenged in cataclysmic ways, but refused to be run out of business by terrorists. Their defiance to the terrorists led them to streamline operations, reduce staff and determine a method to ride out the economic storm. That cutting back leads to a cruel irony: the people most heavily hurt from an economic perspective are the many Palestinian workers who -- before the intifada started -- had good jobs in Israel. The severe cutbacks in many firms resulted in Palestinian workers losing their jobs as a direct result of terrorist activities by their compatriots.

While the cause of the Israeli programmer losing his job is not the same as that of the American programmer; the manner in which they both can rebuild can be the same. Nietzsche's observation that "what does not destroy me, makes me stronger" is the attitude in interview after interview in the book. There is a lot that American programmers and managers can learn from those under fire in Israel.

You can purchase Business Under Fire: How Israeli Companies Are Succeeding in the Face of Terror - and What We Can Learn from Them from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Craig Maloney writes "Growing up, I was immersed in the science fiction tales of my time. Space travel and laser guns were fascinating, but even more fascinating to me were the science fiction movies that involved robots; the complicated machines that performed great feats of impossible skill, dexterity, and amazing computation. When Tomy and Heathkit released their personal robots, I tried in vain to con my parents into believing that a personal robot might improve our quality of life in some way (mine more than theirs because I would obviously have been the skillful programmer of these robotic devices). While Robot Building for Beginners won't have you creating anything as complicated as C3PO or even a HERO Jr., it will show you how to build a simple robot from the ground up, and will help those who don't have the rudimentary electronics experience required to master these skills." Read on for the rest of Maloney's review. Robot Building for Beginners author David Cook pages 568 publisher Apress rating 10 reviewer Craig Maloney ISBN 1893115445 summary A complete "back-to-basics" guide to designing and building a simple robot

Beginner means beginner I didn't actually build the robot presented in the book, but after reading it, I feel confident that I wouldn't have any problems building it.

Robot Building for Beginners is not a misnomer. If you have an area set aside in your home that you call your electronics lab, and know how to use breadboards, multimeters, and soldering irons, you may not get as much out of this book. If, however, you have to clear off your project area in order to eat and don't know the first thing about where to begin to build a robot, then this book will be a roadmap on your journey to proficiency. Loads of pictures and very frank discussion make this book a pleasure to read, and a real learning tool.

The book begins with a brief introduction to the robot hobby and some interesting robot pieces and projects. Next is an informative chapter on where to purchase the parts for the robot, with an emphasis on getting parts cheaply. The author also gives some hints on how to order parts cheaply through quantity discounts as well as part substitution. The book then takes a brief detour onto the subject of safety, with such sage advice as using items safe for the reader (lead-free solder, safety goggles, and dust masks) and items safe for the electronics (circuit breakers, grounded plugs, and following instructions). The author also briefly cautions against making dangerous robots (like the ones on BattleBots) because they can not only be very dangerous, but can also be hazardous to test (sorry, guys. :) ).

From there the author dedicates two chapters to selecting and using one of the more important pieces of equipment for electronics projects: the multimeter. The author presents some sage advice for selecting an appropriate, accurate mutimeter within your budget. I used this knowledge to pick out a very nice, affordable multimeter of my own (a Triplett 9025, for anyone who is interested).

Next, a brief discussion on numbers and units, followed by a chapter on robot line-following rounds out the basics section of the book. The sandwich robot (so named because the author uses a sandwich container for the body) is introduced in the chapter on line-following, and forms the basis for the project that is built through the rest of the book.

Parts is parts

The next few chapters form an excellent introduction to the electronic components that make up the sandwich robot. From an informative discussion on batteries (the results may surprise you. It certainly changed how I look at batteries) to components like breadboard, transistors, variable resistors, and IC chips. Each chapter introduces a particular component, describes what it does, and give some very useful tips for using the component effectively. The components are introduced by demonstrating how they fit together in simple circuits. I found myself learning a great deal about each of the components and how they fit together. Next the book tackles the more mechanical aspects of the robot (motors, tires and couplers) and how to select, work, and assemble them into the final project. Two chapters follow, dealing with everyone's favorite topic: soldering. The first chapter handles the equipment needed for soldering, while the next chapter handles how to solder properly. Even the most nervous soldering neophyte will feel right at home with a soldering iron after these chapters.

Putting it all together Time to put the knowledge together! The next chapter tackles the motherboard of the robot. A schematic and lots of pictures with layouts and hints help make what could be a difficult process into something less frightening. Cleaning and testing the motherboard rounds out the last part of the chapter. Then it's on to the body construction and the launching of the robot! The last chapter talks about other goodies such as LCD screens, real microprocessors, and other components worth checking out. There's also a quick mention of robotics clubs and projects the author would like to take on. The author is a robotics enthusiast, and it shows with his candid writing. What's in it for me?

Robot Building for Beginners is a great resource for those who may not have a background with electronics. I found myself learning all sorts of useful information from this book. Those who may not be interested in building a robot will still find this book useful for a good primer in electronics and electronic circuits. They may also be convinced by the author's sheer love for robot tinkering to explore the world of robotics. People with an electronics background may not be interested in this book as much as a rank beginner, but don't let that dissuade you from checking out this excellent book. I can easily recommend this book to anyone with a passing interest in electronic circuits and robotics. The robots you build from this book may not be able to serve drinks, or repair a damaged X-Wing fighter, but you'll definitely have fun building them.

You can purchase Robot Building for Beginners from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Jack Herrington writes "For most companies, lightning never strikes. The promised miracle product fails, and the revolutionary dreams meet evolutionary reality. But for Apple, lightning struck twice: first with the Apple computer, which can be justifiably named the first personal computer, then with the Macintosh. Introduced with the groundbreaking 1984 commercial the Mac started the GUI revolution which brought millions of new users into the once inhospitable world of computing." Read on for Herrington's review of Revolution in the Valley. Revolution in the Valley author Andy Hertzfeld pages 240 publisher O'Reilly rating 9 reviewer Jack Herrington ISBN 0596007191 summary The birth of the Mac, as told by one of its creators

At the heart of this revolution was a set of brilliant engineers and coders who through their work inspired individuals and companies alike. Andy Hertzfeld captured this revolutionary time at Apple through the eyes of the engineers involved at his site, folklore.org. Now he's published these stories in the book Revolution in the Valley.

Apple Confidential 2.0 will give you history. Cult of Mac describes the phenomenon from the outside. But only Revolution in the Valley tells the story of a computer revolution from the perspective of the team in the center of the storm.

The book consists of concise stories, separated by pages of notes, drawings and photographs from the three years it took to develop the original Mac. The stories run in length between one and eight pages, with most ending in the two- or three-page range. Each is told from a personal perspective, mainly by Hertzfeld himself. Sidebars with comments from Woz and others are included to round out the perspective.

The stories are organized chronologically, starting with Hertzfeld's first days at Apple and ending around the time when Jobs was ousted in Sculley's palace coup. Most of the stories are technical in nature, often going down into the level of hardware detail. Others are more personal in nature, detailing Jobs' odd hiring or management style, talking about the stresses of a 90-hour work week, or recounting Adam Osbourne's threats about the destruction of Apple and Jobs' famous response.

With its roughly one hundred stories weighing in at a little under 300 pages this is a relatively quick read. This is especially true since the stories work on many levels and are told with remarkable skill. There are some standouts: The development of the GUI, replete with Polaroids taken at key points along the way, is excellent. The story on the first meeting with Microsoft is told from a whole new perspective from what we have heard in the past. The genesis of the 1984 commercial is fascinating, and the meeting with Mick Jagger is hysterical.

There isn't a whole lot here that you won't find on folklore.org, though some of the later chapters do some summation work that I couldn't find on the site. These bring the book together as a coherent, readable whole. The note pages, which separate the chapters and are not on the site, are interesting on their own, particularly the notes from the session with Alan Kay.

Apple's development of the Macintosh has been seen as the prototype of the dot-com death marches that would follow. What we see here is the potent mix of technical brilliance, insane work hours and pressure, and management arrogance that paints a much more chaotic and realistic picture.

On a personal level, this is the book I have been waiting for my whole career. Andy Hertzfeld and Bill Atkinson are legends to me and many others. The passion and brilliance they demonstrated set the bar for all of us who look at computer science not as a job, but as a calling. To see the Mac development from Andy's perspective is simultaneously deflating and uplifting. Their project suffered from all of the usual trials. But somehow the team got through it, their creativity and hard work paid off, and they changed the world.

How many revolutions can there be? How many times can lighting strike? How can one small group of people change the world? That's what we all got into this business to find out. And this book shows us an example of how it was done and inspires us to do the same. Thank you, Andy, for what you did then and what you are doing now.

Jack Herrington is an engineer with a twenty-year career inspired by people like Andy Hertzfeld, and the editor-in-chief of the Code Generation Network, as well as the author of Code Generation in Action. You can purchase Revolution in the Valley from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Ben Rothke writes "Outsource: Competing in the Global Productivity Race is a persuasive overview of the outsourcing phenomenon. Author Edward Yourdon's premise is that outsourcing is not going to disappear anytime soon, and -- given the success that many companies have begun enjoying during the past few years -- it is not likely to level off anytime soon. Outsourcing is now a mainstream phenomenon and is affecting more and more workers, in nearly every knowledge-based sector. In a nutshell, this is Yourdon's book of how to prepare yourself for the inevitable." Read on for the rest of Rothke's review, as well as Jason Bennett's different take on the book. Outsouce? : Competing in the Global Productivity Race author Edward Yourdon pages 227 publisher Prentice Hall rating 10 reviewer Ben Rothke, Jason Bennett ISBN 0131475711 summary Excellent discussion about outsourcing and what you can do to save your job

Ben Rothke (continued)

For those Americans who would hope their representatives in Washington would get involved and pass laws to stem the flow of jobs overseas, there is little that Washington will likely do to help knowledge-based workers whose jobs are in danger of being offshored. While the loss of jobs is a crisis to many of us, Yourdon makes note of the oil crisis of the early 1970s and a speech that Jimmy Carter made in April 1977. Carter said "If we fail to act soon we will face an economic, social and political crisis that will threaten our free institutions." Nearly 30 years after Carter made that speech, oil is at an all-time high and nothing has been significantly done to reduce our dependency on oil; or to find a better solution.

If Congress is apathetic when it comes to an effective energy policy that affects an entire nation, it is clear that preserving the jobs of C and Java programmers is likely to be at the bottom of any congressman's to-do list. In 2005, national security, Medicare and Iraq are just a few of the issues that seem to be far more pressing to the nation than the loss of programmers.

The book is written about outsourcing in general, but has a heavy slant to programmers whose jobs have been outsourced to India. The prime advantage India has over other countries with cheap labor is a large base of workers that speak English. While the salaries in China, for example, are even lower than in India, the language barrier is significant.

The main claims of proponents of outsourcing are of increased productivity and major cost savings. Whether these claims are real is to a degree immaterial, as the perception among CIOs is that outsourcing has an immediate cost savings. This is primarily due to the fact that the salaries and benefit costs of overseas programmers are radically less than those of their U.S. counterparts.

From a productivity and efficiency perspective, many Indian firms are CMM level-5 certified, something that their U.S. counterparts can't attest to. At the end of the day, is better and cheaper code produced in Bangalore and Mumbai? Yourdon states that it is hard to find hard and fast answers. But with outsourcing the rage, there is the perception that Indian firms are more productive, formalized and efficient than their US counterparts is being accepted as fact. For many, perception is reality, and the reality is that jobs are being sent overseas by the thousands.

Outsource:Competing in the Global Productivity Race is written for (and beneficial to) anyone who feels that his job may be in danger of being outsourced. The book is well-written and pragmatic, and Yourdon notes that there are no simple answers to be found, nor are there any obvious choices. The book guides the reader who is working in a knowledge-based position to better determine where the trends in outsourcing are going and how to best save their job and simultaneously prepare for the inevitable. It is not that every knowledge-based job will be outsourced, but rather that the potential exists that every job could be outsourced. With that, it behooves everyone to get make sure they are prepared.

In 1992, Yourdon wrote Decline and Fall of the American Programmer. In the book, he predicted that U.S. programmers would "suffer the fate of the Dodo bird" as companies shifted jobs from American workers to those overseas to take advantage of lower pay, less labor regulations and higher productivity. Yourdon admits his prediction was partially incorrect. U.S. programmers have not gone the way of the Dodo bird and hiring is resuming; but in spite of everything, huge numbers of jobs are being sent overseas.

While Decline and Fall of the American Programmer was focused exclusively on technology workers, Yourdon writes that every knowledge-based job is vulnerable to being outsourced. From radiologists to tax preparers, telemarketers to architects, and more.

Perhaps the biggest benefit of Outsource is the composed manner in which Yourdon writes. Outsourcing is a controversial, political and extremely emotional topic, and Yourdon provides a balanced view of the outsourcing phenomena.

One of the solutions suggested to stemming the flow of jobs overseas is protectionist federal regulations. Yourdon believes that such measures are doomed to fail, in that you can't protect knowledge-based worked in the same way that steel and agriculture products can be protected. Yourdon admits that there might be some short-term benefits to a protectionist strategy, but will fail in the long-term. His view is that protectionism is simply blaming someone else for the existence of competition; and such an approach does not solve the problem. His solution, and the overall advice in the book, is to make each and every American knowledge worker more prepared to face competition from overseas.

Of the books 10 chapters, the most compelling is chapter 6, which provides seven strategies in which to deal with the threat of outsourcing. The first is to be proactive, with the last being to consider a career change. Yourdon does not promise and secrets or miracles in the chapter and attempts to provide some common, yet often overlooked, sense.

Outsource ends with the following quote: "I was taught very early that I would have to depend entirely upon myself; that my future lay in my own hands." This book shows you how.

Jason Bennett's take:

Information technology outsourcing has been a hot topic of discussion for many years now, but Ed Yourdon has, with varying degrees of success, been writing on the topic since 1992's Decline and Fall of the American Programmer. His initial prophecies were somewhat early and off the mark, however, prompting his 1996 sequel The Rise and Resurrection of the American Programmer. Now, eight years after his mea culpa, Yourdon has returned to the issue with what can best be described as The Decline and Fall of the American Worker.

Am I overstating his thesis a bit? Probably, but such exaggeration seems to be a Yourdon stock-in-trade (see his Byte Wars or especially his Time Bomb 2000! for some over-the-top predictions of doom). Overall, his thesis is fairly standard: the Third World (namely, Eastern Europe, India and China) has a lot of very educated people who, thanks to the Internet, can now do your job for your company from their country, and for a lot less money. This makes you expendable and them employable. Since there are a lot of them, unless you're really good, there's a decent chance your job is at risk. Yourdon expands his reach beyond the typical programmer or sysadmin to encompass all types of knowledge work, from reading (and diagnosing) x-rays to accountants and tax preparers. Eventually, he concludes, 10%-15% of current Western knowledge worker jobs may be lost to outsourcing, depending on various factors, including salary and productivity.

Yourdon's main solution to the problem can be summed up as "more productivity," by which he means business process changes as well as better measurability (CMM is mentioned several times in conjunction with Indian outsourcing firms). His point being, if you earn five times more than an Indian programmer, but are ten times more productive (and can prove it), then your job is safe. If your productivity is not up to snuff (or you can't measure it), you're more likely to be caught up in the rush. If you can't be more productive, (or not productive enough), he has various suggestions for making yourself less vulnerable to outsourcing. He also goes on at length about how companies can do offshoring, if need be, and what he sees as good national strategies to invest in education and job training to keep workers well-tuned to what the economy needs. In general, Yourdon sees offshoring as inevitable (and impossible to stop via protectionist means), but also as a challenge that can be met if we face it head-on.

Overall, while the book may be informative to someone who hasn't thought about the issue of offshoring much, or who has a fairly shallow understanding of the issue, I didn't feel that Yourdon addressed the problem in a particularly deep or thorough way. Offshoring, like any kind of trade, has broad implications for economies that are difficult to perceive. For example, will India's domestic demand for software increase as Western jobs are outsourced and its economy improves, and will that redirect programmers from offshoring positions? In his discussion on medical outsourcing (both of diagnostics, as well as actually traveling to other countries), Yourdon neglects to mention the legal implications of this trend. If an Indian doctor misreads your x-ray, how do you go about suing him? Finally, Yourdon does not address whether these productivity measurements are truly meaningful: A CMM level 5 shop can produce bad software just as well as a CMM level 0 shop; it just means that it can produce it badly in the same way each time.

In sum, this book is a good first read on the topic for someone who has not had extensive exposure to the issue, but for anyone who has been studying the problems for some time, the issues raised and solutions presented may seem elementary.

You can purchase Outsource: Competing in the Global Productivity Race from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

jkauzlar writes "Popular mathematics books don't come along often and when they do, they're only occasionally worth the read. John Derbyshire, a controversy-stirring political propagandist by day, and mathematician-enthusiast by night, has composed what may turn to out to be one of the classics of mathematical literature for the lay-person." Read on for the rest of jkauzlar's review. Prime Obsession: Bernhard Riemann and the Greatest Unsolved Problem in Mathematics author John Derbyshire pages 422 publisher Plume rating 9/10 reviewer jkauzlar ISBN 0452285259 summary History of the attempt to prove the Riemann Hypothesis

Bernhard Riemann came to the University of Goettingen in 1846 at the age of 19, originally to study theology. The University, however, was home to Carl Friedrich Gauss, "the greatest mathematician of his age and possibly of any age," and the impressionable young Riemann, succumbing to the privilege of Gauss's presence and following his already blossoming interest in mathematics, refocused his studies on the area in which he would soon attain distinct immortality. As early as 1851 he was impressing even Gauss with the results of his doctoral dissertation and in 1859 was appointed a corresponding member of the Berlin Academy. To this honor, Riemann responded with his most famous paper, entitled "On the number of prime numbers less than a given quantity," containing therein what became known as the Riemann Hypothesis.

At the heart of the RH is the Zeta function which, in its basic form, looks like this: Z(s)=1 + 1/2^s + 1/3^s + 1/4^s + ... and which, through some simple algebraic manipulation as demonstrated by the mathematically gifted journalist Derbyshire, can be given in the form (1 - 2^-s)^-1 * (1 - 3^-s)^-1 * (1 - 5^-s)^-1 * (1 - 7^-s)^-1 * ... And it is in this second form which Derbyshire calls "The Golden Key" where the non-mathematician gets the first glimpse of the Zeta function's relationship with prime numbers.

But where this Golden Key appears as this "novel's" turning point--its central conflict-- it is not until Prime Obsession's climax when the Key is at last turned and the Zeta function's true relationship to the prime counting function pi(x)--the number of primes less than a given x--is at last made clear. Along the way, from the introduction of the Zeta function to the final explanation of its relevance to prime numbers (the turning of the Key), Derbyshire enlightens us with clear, mostly English language descriptions of the mathematics involved, as well as plentiful anecdotes that give readers a sense of the life and work of the major figures in the history surrounding the RH from Euler, Gauss and Dedekind in the late 18th century through Riemann's 1859 paper, and from 1859 onward to recent advancements in the '80s and '90s.

The Riemann Hypothesis states that "all nontrivial zeros of the Zeta function have real part one-half." Understanding the statement of the hypothesis is Derbyshire's first mission for the reader. In short, most functions with a dependent variable, say f(x)=x^2-2x+1, have a value for which if you replace x with this value, the function returns zero. In the example given, it is at the value x=1 where f(x)=0. The Zeta function has an infinite number of these zeroes and an infinite number of these is "non-trivial." The non-trivial zeroes come from complex number values. Riemann's guess, his hypothesis, is that the real part of each of these non-trivial zeroes is equal to one-half. The imaginary part can be anything.

Derbyshire explains all of the mathematics in very readable language. It's unlikely that anyone who did well in high school mathematics will not be able to follow Derbyshire's mathematics (and it's unlikely that those who didn't do well will pick up a 400-page book on this topic). The Zeta function is explored from a number of angles--numerically, graphically, algebraically, statistically, and there's even a link between the non-trivial zeroes of the Zeta function and quantum physics! By a larger margin, however, Prime Obsession's intrigue lies in Derbyshire's expositions on Riemann, Hilbert, Turing, Gauss, et al, as well as those modern mathematicians he's interviewed personally. The line between the mathematical half of the book and the historical is clearly defined; the odd-numbered chapters are devoted to the former, the even to the latter.

Those fans and foes of Derbyshire's most public line of work as a journalist/editorial writer for National Review will be comforted to know all political polemics have been set aside. John Derbyshire gives a virtuoso performance as an informed journalist and maintains his stance as a personable and careful guide through a sometimes difficult terrain. Anyone with some interest in the topic will find it hard to put down Derbyshire's book once begun. If we are lucky (hint, hint, JD) perhaps Derbyshire's next book will cover the newly-proven Poincare Conjecture ...

You can purchase Prime Obsession: Bernhard Riemann and the Greatest Unsolved Problem in Mathematics from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

Robert Nagle writes "Over the last year, Zope and Plone have gained mindshare as open source web application servers. In the last few months, two books have come out about how to use, extend and administer Plone. One is Andy McKay's Definitive Guide to Plone (available for free online), and the other is Julie Meloni's Plone Content Management Essentials." Read on for Nagle's review of both books. (See each) author (See each) pages (See each) publisher (See each) rating (See each) reviewer Robert Nagle ISBN (See each) summary McKay's book is indeed definitive; Meloni's book is a good introduction

The Zope/plone combination offers a variety of advantages to the open source developer: robust workflow capabilities, conformity to Web standards, cross-platform support and a sophisticated security model. On the other hand, it has a steep learning curve and deals with objects in an object database (instead of the usual RDBMS/LAMP data model).

First, here's 30 seconds of what Plone is all about (the Slashdot editors can provide the bunnies). Zope is a Python-backed web application server which includes a Zope Management Interface (or ZMI), a web-based interface to modify templates and interact with/administer the Zope Object Database (ZODB). Although Zope can be a standalone webserver, in fact people usually put it behind Apache for reasons of security, performance and caching. Years ago, Zope used a custom scripting language (DTML) to do its business logic, but later switched to an XML-based templating language called ZPT and let users use Python-based scripts to perform actions. Zope is the application server; CMF is the content management framework, and Plone is the standards-compliant front end that lets you manage skins, slots, styles, portlets, forms, actions, content types and installation of products. Then there's archetypes, which make it easier to create new content types and web forms. Oh, have I mentioned that we're dealing with objects here? In other words, we're not just throwing data and text into SQL); we're creating different types of content (documents, events, multimedia objects), storing them as objects (with actions, metadata, etc) and then summoning them (or parts of them) from the object database with ZPT using macros and indices.

From a design perspective, Plone is elegant although so multi-layered that it's often hard to figure out where to make changes. Also, while the Plone front end is snazzy, most users end up having to go to the ZMI to modify the template and edit actions (which, depending on how you look at it, can be an advantage or disadvantage). Finally, although the list of open source products for Plone and Zope is impressive, they don't necessarily play well together, and many products for Zope don't work in Plone and vice versa.

Definitive Guide to Plone author Andy McKay pages 584 publisher Apress rating 5 ISBN 1590593294

That is where Andy McKay's book and Julie Meloni's book come in. Of the two books, Andy's is more comprehensive and geared toward the experienced developer (and typical Slashdot reader); Julie's book does more hand-holding and provides more thorough explanations of introductory concepts.

As a lead plone developer, McKay has intimate knowledge of the good, the bad and the ugly for plone. Although his chapters fly by certain introductory tasks at record speed, he explains things well and offers lots of tips and hints throughout the book. (I can't tell you how many times I've put the book down and exclaimed, 'Aha, so that's how you ...'). The sequence of presentation is generally logical with one exception: in chapter 14 (page 459), the book mentions that you can use Zope Enterprise Objects to debug a live server without having to shut down Plone. That is valuable -- even vital-- information, and belonged in the earlier chapter on installing Zope. Although the chapters don't go into great depth, his code examples and commentary are sufficient to explain what is going on.

It's not the main focus of the book, but the sections on system administration (caching, tuning, scaling) are well done although some things are missing (like Virtual Host Monster). It's assumed that readers will be able to find this information elsewhere.

The best parts about McKay's book are how it relates Python programming to Plone. The deeper you get into Plone, the more important it is to write Python scripts and do basic Python debugging. Even basic sysadmin tasks like product management seems to require an understanding of object-oriented concepts. One initial difficulty comes with the idea of URL paths corresponding not to actual directories but objects being contained within other objects. (So that login_form in http://foobar/login_form doesn't necessarily reside within the foobar directory, but is in any directory or object acquired by the foobar object). This type of URL (called a traversal) is explained well enough in the book, but often makes it difficult to figure out where to find things within the ZMI and the file system. Who would have ever thought that the place to edit the login_form object for http://foobar/login_form is /foobar/portal_skins/plone_forms/login_form within the ZMI (which is actually /zopeinstance/products/CMFPlone/skins/plone_forms/ login_form.pt on the file system)? That's why McKay's skin example (in Chapter 7) accomplishes so many things; it provides a "guided tour" through the layers (i.e., scripts, templates, etc) contained within portal_skins; it also runs through the process of creating custom templates and forms based on existing ones. This, by the way, is one of the niftiest features of Zope/Plone; you push a Customize button in the ZMI, and voila! you've cloned an object for customizing. This is dense stuff, but after reading this chapter, I have a better sense of the beast I'm dealing with.

I particularly liked the book's chapters on archetypes and manipulating content types. If Zope/Plone is about manipulating objects, then it helps to have a variety of objects to manipulate. Archetypes lets you create new content types and new views for content types. By providing Python libraries for fields and widgets, archetypes makes it relatively easy to create web forms for data input. McKay's book covers this topic thoroughly and clearly. I also appreciated the chapter on searches and indexing (and the helpful table of indices and index types); this filled in a lot of gaps in my knowledge. The sections on security and workflow contained good examples, and the book also contained a section on internationalization. The programming chapters are the best parts about the book.

On the negative side, I wish there were more charts and tables in the book (perhaps as appendices). A lot of this is already found within Zope help or the Plone site, but it would have been handy to have these things as reference. Although McKay's book contains a good (though brief) introduction to Zope Page Templates, the explanation of the syntax is scattered throughout the ZPT chapter; it would have been much better to summarize all the tal tags in a single table.

Also, at many points during the ZPT chapter and other chapters, McKay refers to Plone and archetype API classes that are described nowhere else in the book. It took me a while to figure out where these things were coming from (and I would refer you to here for API descriptions). The book would have benefited from a better description of APIs, even a high level view of it (You can find some quick references here).

Because of its focus on development, McKay's book spends almost no time on third-party products or "sanctioned" products available in the plone collective. This is somewhat understandable (given the mercurial nature of product development), but the casual reader might finish the book without realizing that additional additional products even exist. (Here's a fairly comprehensive list of Plone and Zope products).

Also, I would have liked better explanation about change management. Plone has its own product installer, but I always have difficulties upgrading products. How do you test products before actually deploying them? How do you manage upgrades (and how do you upgrade Zope itself?) For such an extensible project as Plone, managing the installation, testing and upgrade of third-party products can be a disaster waiting to happen.

Plone Content Management Essentials author Julie C. Meloni pages 258 publisher SAMS rating 3 ISBN 0672326876

Julie Meloni's book takes a different approach to the subject, one geared less to Python development and more to deploying third-party products and customizing site appearances. I'm tempted to say that the typical Slashdot reader would find this book "shallow," but really that is not fair. Although Meloni's book contains a short appendix on Python, it focuses more on how Plone works out of the box and how to take advantage of core functionality. In fact, Meloni's slender book contains many useful sections probably deemed too elementary for McKay's book: how structured text works, for example.

Rather than trying to cover everything Plone-related, Meloni identifies a small number of typical tasks and explains them in detail. For example, the book documents the Plone style sheets and how to modify them in the ZMI. Too basic, you say? Well, yes, but it's still useful reference material. Rather than trying to teach you how to write your own Plone product or content type from scratch, she walks us through using that nifty Customize button to clone existing templates for customization (although to tell the truth, you still need would need to know a good bit about Python and ZPT syntax to complete the task). Although the book's section on skins focused mainly on how they relate to style sheets, I found the section on customizing slots to be particularly useful.

In contrast to McKay's book, Meloni spends a separate chapter on deploying and using several popular plone products: a discussion board, a weblog and a photo album. Given that several competing products exist for each category, and that better products are likely to come out later, this chapter will probably be the first to go out of date.

Perhaps the book could have spent less time on the products themselves and more on managing products and testing/troubleshooting them.

Of the two books, McKay's book is the more indispensable, even though I still wound up consulting external sources fairly often for clarification. On the other hand, after reading first McKay's book and then Meloni's, I wish I had read Meloni's book first. Meloni's book provides a great introduction to basic plone concepts; McKay's book is great for the power user/developer. (Still another book, recently released, Cameron Cooper's Building Websites with Plone probably goes into more detail on the Python side; read a sample PDF chapter).

Perhaps I sound like a shill for the publishing industry when I say this, but it sometimes make sense to possess two or more books on a topic. The decision-making process for geeks buying books can sometimes differ radically from the general public. Geeks, for example, don't have qualms about paying full price for a new book if the content is up-to-late and relevant to the task at hand. The ordinary reader might make a purchasing decision on the basis of which book constitutes the highest information density (the $20 book with 200 pages vs. the $30 books with 500 pages). Geeks are also more inclined to view the purchasing decision in terms of time saved (i.e., how much time will reading this book save me in the long run?) From the standpoint of saving time, there's a lot to be said for reading an introductory book first and then moving to a book on more advanced topics.

Of course, Andy McKay's book is available already for free on the web (and kudos to Apress Publishing for allowing this).

** Actually, mysql/postgresql DB adaptors make it possible for Zope to fetch/send sql data; and Archetypes has a function, SQLStorage, to allow data from content objects to persist in a sql database (news to me). Other Web Resources:

• Zopezen, Andy McKay's development weblog
• Plone How-to's
• List of Plone Products and Zope Products, Sorted by Category
• Zope & Plone API's. (More here).
• Great Visual Guide to the Zope/Plone Interface
• Handouts from the Plone Conference for 2003 and 2004
• ZopeMag Weekly, an intermittent series of Zope and Plone tips and tricks.
• For general Python introductions, see the Python Tutorial, How To Think Like A Computer Scientist (Python) and Dive Into Python (also published by Apress and free online)

Robert Nagle (aka idiotprogrammer) writes fiction under various pseudonyms. He lives and works in Houston, Texas. In early 2005 he will be launching a plone-backed literary community ezine. You can purchase the Definitive Guide to Plone from bn.com; bn also carries Plone Content Management Essentials . Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

Robert Nagle writes "Over the last year, Zope and Plone have gained mindshare as open source web application servers. In the last few months, two books have come out about how to use, extend and administer Plone. One is Andy McKay's Definitive Guide to Plone (available for free online), and the other is Julie Meloni's Plone Content Management Essentials." Read on for Nagle's review of both books. (See each) author (See each) pages (See each) publisher (See each) rating (See each) reviewer Robert Nagle ISBN (See each) summary McKay's book is indeed definitive; Meloni's book is a good introduction

The Zope/plone combination offers a variety of advantages to the open source developer: robust workflow capabilities, conformity to Web standards, cross-platform support and a sophisticated security model. On the other hand, it has a steep learning curve and deals with objects in an object database (instead of the usual RDBMS/LAMP data model).

First, here's 30 seconds of what Plone is all about (the Slashdot editors can provide the bunnies). Zope is a Python-backed web application server which includes a Zope Management Interface (or ZMI), a web-based interface to modify templates and interact with/administer the Zope Object Database (ZODB). Although Zope can be a standalone webserver, in fact people usually put it behind Apache for reasons of security, performance and caching. Years ago, Zope used a custom scripting language (DTML) to do its business logic, but later switched to an XML-based templating language called ZPT and let users use Python-based scripts to perform actions. Zope is the application server; CMF is the content management framework, and Plone is the standards-compliant front end that lets you manage skins, slots, styles, portlets, forms, actions, content types and installation of products. Then there's archetypes, which make it easier to create new content types and web forms. Oh, have I mentioned that we're dealing with objects here? In other words, we're not just throwing data and text into SQL); we're creating different types of content (documents, events, multimedia objects), storing them as objects (with actions, metadata, etc) and then summoning them (or parts of them) from the object database with ZPT using macros and indices.

From a design perspective, Plone is elegant although so multi-layered that it's often hard to figure out where to make changes. Also, while the Plone front end is snazzy, most users end up having to go to the ZMI to modify the template and edit actions (which, depending on how you look at it, can be an advantage or disadvantage). Finally, although the list of open source products for Plone and Zope is impressive, they don't necessarily play well together, and many products for Zope don't work in Plone and vice versa.

Definitive Guide to Plone author Andy McKay pages 584 publisher Apress rating 5 ISBN 1590593294

That is where Andy McKay's book and Julie Meloni's book come in. Of the two books, Andy's is more comprehensive and geared toward the experienced developer (and typical Slashdot reader); Julie's book does more hand-holding and provides more thorough explanations of introductory concepts.

As a lead plone developer, McKay has intimate knowledge of the good, the bad and the ugly for plone. Although his chapters fly by certain introductory tasks at record speed, he explains things well and offers lots of tips and hints throughout the book. (I can't tell you how many times I've put the book down and exclaimed, 'Aha, so that's how you ...'). The sequence of presentation is generally logical with one exception: in chapter 14 (page 459), the book mentions that you can use Zope Enterprise Objects to debug a live server without having to shut down Plone. That is valuable -- even vital-- information, and belonged in the earlier chapter on installing Zope. Although the chapters don't go into great depth, his code examples and commentary are sufficient to explain what is going on.

It's not the main focus of the book, but the sections on system administration (caching, tuning, scaling) are well done although some things are missing (like Virtual Host Monster). It's assumed that readers will be able to find this information elsewhere.

The best parts about McKay's book are how it relates Python programming to Plone. The deeper you get into Plone, the more important it is to write Python scripts and do basic Python debugging. Even basic sysadmin tasks like product management seems to require an understanding of object-oriented concepts. One initial difficulty comes with the idea of URL paths corresponding not to actual directories but objects being contained within other objects. (So that login_form in http://foobar/login_form doesn't necessarily reside within the foobar directory, but is in any directory or object acquired by the foobar object). This type of URL (called a traversal) is explained well enough in the book, but often makes it difficult to figure out where to find things within the ZMI and the file system. Who would have ever thought that the place to edit the login_form object for http://foobar/login_form is /foobar/portal_skins/plone_forms/login_form within the ZMI (which is actually /zopeinstance/products/CMFPlone/skins/plone_forms/ login_form.pt on the file system)? That's why McKay's skin example (in Chapter 7) accomplishes so many things; it provides a "guided tour" through the layers (i.e., scripts, templates, etc) contained within portal_skins; it also runs through the process of creating custom templates and forms based on existing ones. This, by the way, is one of the niftiest features of Zope/Plone; you push a Customize button in the ZMI, and voila! you've cloned an object for customizing. This is dense stuff, but after reading this chapter, I have a better sense of the beast I'm dealing with.

I particularly liked the book's chapters on archetypes and manipulating content types. If Zope/Plone is about manipulating objects, then it helps to have a variety of objects to manipulate. Archetypes lets you create new content types and new views for content types. By providing Python libraries for fields and widgets, archetypes makes it relatively easy to create web forms for data input. McKay's book covers this topic thoroughly and clearly. I also appreciated the chapter on searches and indexing (and the helpful table of indices and index types); this filled in a lot of gaps in my knowledge. The sections on security and workflow contained good examples, and the book also contained a section on internationalization. The programming chapters are the best parts about the book.

On the negative side, I wish there were more charts and tables in the book (perhaps as appendices). A lot of this is already found within Zope help or the Plone site, but it would have been handy to have these things as reference. Although McKay's book contains a good (though brief) introduction to Zope Page Templates, the explanation of the syntax is scattered throughout the ZPT chapter; it would have been much better to summarize all the tal tags in a single table.

Also, at many points during the ZPT chapter and other chapters, McKay refers to Plone and archetype API classes that are described nowhere else in the book. It took me a while to figure out where these things were coming from (and I would refer you to here for API descriptions). The book would have benefited from a better description of APIs, even a high level view of it (You can find some quick references here).

Because of its focus on development, McKay's book spends almost no time on third-party products or "sanctioned" products available in the plone collective. This is somewhat understandable (given the mercurial nature of product development), but the casual reader might finish the book without realizing that additional additional products even exist. (Here's a fairly comprehensive list of Plone and Zope products).

Also, I would have liked better explanation about change management. Plone has its own product installer, but I always have difficulties upgrading products. How do you test products before actually deploying them? How do you manage upgrades (and how do you upgrade Zope itself?) For such an extensible project as Plone, managing the installation, testing and upgrade of third-party products can be a disaster waiting to happen.

Plone Content Management Essentials author Julie C. Meloni pages 258 publisher SAMS rating 3 ISBN 0672326876

Julie Meloni's book takes a different approach to the subject, one geared less to Python development and more to deploying third-party products and customizing site appearances. I'm tempted to say that the typical Slashdot reader would find this book "shallow," but really that is not fair. Although Meloni's book contains a short appendix on Python, it focuses more on how Plone works out of the box and how to take advantage of core functionality. In fact, Meloni's slender book contains many useful sections probably deemed too elementary for McKay's book: how structured text works, for example.

Rather than trying to cover everything Plone-related, Meloni identifies a small number of typical tasks and explains them in detail. For example, the book documents the Plone style sheets and how to modify them in the ZMI. Too basic, you say? Well, yes, but it's still useful reference material. Rather than trying to teach you how to write your own Plone product or content type from scratch, she walks us through using that nifty Customize button to clone existing templates for customization (although to tell the truth, you still need would need to know a good bit about Python and ZPT syntax to complete the task). Although the book's section on skins focused mainly on how they relate to style sheets, I found the section on customizing slots to be particularly useful.

In contrast to McKay's book, Meloni spends a separate chapter on deploying and using several popular plone products: a discussion board, a weblog and a photo album. Given that several competing products exist for each category, and that better products are likely to come out later, this chapter will probably be the first to go out of date.

Perhaps the book could have spent less time on the products themselves and more on managing products and testing/troubleshooting them.

Of the two books, McKay's book is the more indispensable, even though I still wound up consulting external sources fairly often for clarification. On the other hand, after reading first McKay's book and then Meloni's, I wish I had read Meloni's book first. Meloni's book provides a great introduction to basic plone concepts; McKay's book is great for the power user/developer. (Still another book, recently released, Cameron Cooper's Building Websites with Plone probably goes into more detail on the Python side; read a sample PDF chapter).

Perhaps I sound like a shill for the publishing industry when I say this, but it sometimes make sense to possess two or more books on a topic. The decision-making process for geeks buying books can sometimes differ radically from the general public. Geeks, for example, don't have qualms about paying full price for a new book if the content is up-to-late and relevant to the task at hand. The ordinary reader might make a purchasing decision on the basis of which book constitutes the highest information density (the $20 book with 200 pages vs. the $30 books with 500 pages). Geeks are also more inclined to view the purchasing decision in terms of time saved (i.e., how much time will reading this book save me in the long run?) From the standpoint of saving time, there's a lot to be said for reading an introductory book first and then moving to a book on more advanced topics.

Of course, Andy McKay's book is available already for free on the web (and kudos to Apress Publishing for allowing this).

** Actually, mysql/postgresql DB adaptors make it possible for Zope to fetch/send sql data; and Archetypes has a function, SQLStorage, to allow data from content objects to persist in a sql database (news to me). Other Web Resources:

• Zopezen, Andy McKay's development weblog
• Plone How-to's
• List of Plone Products and Zope Products, Sorted by Category
• Zope & Plone API's. (More here).
• Great Visual Guide to the Zope/Plone Interface
• Handouts from the Plone Conference for 2003 and 2004
• ZopeMag Weekly, an intermittent series of Zope and Plone tips and tricks.
• For general Python introductions, see the Python Tutorial, How To Think Like A Computer Scientist (Python) and Dive Into Python (also published by Apress and free online)

Robert Nagle (aka idiotprogrammer) writes fiction under various pseudonyms. He lives and works in Houston, Texas. In early 2005 he will be launching a plone-backed literary community ezine. You can purchase the Definitive Guide to Plone from bn.com; bn also carries Plone Content Management Essentials . Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

r3lody (Ray Lodato) writes "Just because Linux is under the GPL, some people believe that it's pretty standardized. Actually, each distro has its own little additions and, consequently, quirks. Writing an application to work reliably under all variations is not a slam-dunk. The Linux Standard Base Specification seeks to provide the common ground that all Linux apps should adhere to, and therefore make reasonably sure that they will work as advertised. Building Applications with the Linux Standard Base is a reference manual for application developers to make sure their programs will work across the Linux map." Read on for the rest of Lodato's review. Building Applications with the Linux Standard Base author Core Members of the Linux Standard Base Team pages 246 publisher Pearson plc publishing as IBM Press rating 8 reviewer Ray Lodato (rlodato AT yahoo DOT com) ISBN 0131456954 summary Very dry reading, but a lot of useful information packed into a slim 246 pages.

I've been involved with IBM products and documentation since the late '70s, and their documentation has traditionally come in two flavors: user's guides, and reference manuals. The former are meant to be read cover-to-cover (more or less), and the latter are meant to be looked at for specific bits of information. This book falls more to the reference manual side of the spectrum. Consequently, reading it cover-to-cover was a little dry, but the information needed to get an application certified with the Linux Standard Base (LSB) was clearly laid out.

Building Applications with the Linux Standard Base (published by IBM Press and available on your favorite bookstore sites) is laid out in five large parts: Introduction, Developing LSB Applications, Certifying for the LSB, Contributing to the LSB Project, and Using LSB Resources. Except for the first part (Introduction), the book gives specific examples, and many, many references to the opengroup.org website's sections on the LSB.

It becomes obvious as you go through the book that the Linux Standard Base is still evolving. The authors (13 core members of the LSB team) frequently allude to how the project can (and should) be extended to increase its scope and sophistication. Two chapters (Adding New Interfaces..., and Adding New Architectures...) cover (albeit skimpily) what's needed to update the specification.

Backing up for a moment, Part II (Developing LSB Applications) describes in detail (with examples) the Dos and Don'ts of coding practices. It then explains carefully how an application should be packaged for distribution (RPM), and finally wraps up with a section on porting Solaris apps to the LSB. In each chapter, step-by-step instructions are given when appropriate. Differences in filesystem hierarchy, signal handling, and program options are all laid out to help you through.

Part III goes over the LSB Certification process. Both runtime environments (distros) and applications are covered. Again, the book lays out the process in a step-by-step approach.

The last part in the book talks about the various resources available: the written spec, the test suites, and various usage guides. The chapter on using the LSB test suites shows how much thought went into making sure a successful test ensures a certifiable (in a good way) application.

All in all, Building Applications with the Linux Standard Base, has what you need if you're developing a commercial-grade Linux distribution or application. Once your product has passed the testing described inside, you can be confident that it will work on almost anything Linux. Very dry reading, but a lot of useful information packed into a slim 246 pages. I'd give it a 7 for writing style, but a 9 for content: total=8/10.

You can purchase Building Applications with the Linux Standard Base from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

Tangurena writes "Emergence is a field that is trying to come to grips with how new behavior emerges out of smaller units. There is no gene that determines the behavior of a hive of bees or colony of ants, but the behavior of the nest emerges from the individuals within. Some people are using cellular automata as a means of explaining higher order behavior (like Wolfram in A New Kind of Science )." Read on for Tangurena's review of Steven Johnson's 2002 book Emergence: the Connected lives of Ants, Brains, Cities and Software. Emergence: the Connected lives of Ants, Brains, Cities and Software author Steven Johnson pages 288 publisher Touchstone Press rating 8 reviewer Tangurena ISBN 068486876X summary A look at how new behavior can arise from assembling smaller units.

The author makes a point that there are 3 main camps of scientific study.

1. The study of simple systems - under a few dozen variables, like electromagnetism, or celestial mechanics.
2. The study of stochastic systems - few million to few billion variables, like actuarial sciences and genetics.
3. The study of disorganized complexity. Systems in the middle between a dozen and a few million variables, where the second order characteristics - how they interact, is of primary concern.

Deduction and induction work for the first two camps, but for the third, the interactions cause actions and reactions which are what scientists politely call counter intuitive, meaning your first thought is Huh? Or, in other words, it behaves quite differently from what your instincts and (so-called) common sense would tell you.

There are five basic principles for developing a system (or simulation of one) which can express emergent behavior:

1. More is different. You get a very different behavior of the system when certain thresholds are reached.
2. Ignorance is useful. Ants communicate with a vocabulary of around 20 words/ideas.
3. Encourage random encounters. Much of the behavior of an ant colony comes from them just bumping into each other (or external things like food, or my foot).
4. Look for patterns in the signs. Even with the limited vocabulary of ants, they can also express things based on the decay in the pheromones they deposit.
5. Pay attention to your neighbors. Also described as "local information can lead to global wisdom."

One of the enduring myths we have, is that of the Ant Queen. The myth supposes that there is some central planning done in an ant colony. Instead, the queen exists only to pop eggs out. Male ants have such short lives, that in most species of ants, they have no mouths to eat with; they just don't live long enough to get hungry. The production of warriors and workers is stimulated by pheromones in the colony. Information on where to gather food is gathered through random acts of bumping into things. There is no ant which tells another to go lift that bale or tote that barge. It appears that our intelligence is a by-product of the neural interactions of our brains.

The economist Jane Jacobs had been studying things like this for years, and has been demonized by the majority of economists: they want to believe in some centralized controlling force, control that force, and you control the development of your economic system. People reading her books tend to think she worships sidewalks, instead, she values the communication that can only happen on sidewalks; people meeting each other and exchanging words. You can't say "hi" to your neighbors if you are each zipping past each other on the freeway.

One can experiment with emergent behavior with some software tools. The author explains a few, of which you are most likely to have experience with SimCity.

The main difference between chaos theory and emergent behavior theory lies in a couple important differences. A chaotic system has a number of determinable feedback loops, all of which are (usually critically) dependent upon the starting conditions. Emergent behavior has more to do with feedback loops causing totally different behavior, and when some threshold (usually population) is passed, the nature of the system drastically changes.

If you are looking for sample code to simulate things, you won't find it in this book. If, however, you want to get an overview of where this field is coming from, read this book.

You can purchase Emergence: the Connected lives of Ants, Brains, Cities and Software from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, carefully read the book review guidelines, then visit the submission page.

book_reader (Gary Cornell) writes "Wow, what an intriguing title! When I was getting my Ph.D in math, the words 'sex' and 'mathematics' were not juxtaposed all that often, and I suspect we would have been more likely to expect a book titled 'Mathematics and the (lack of) Sex.' But, hey, times change and the author, who is not only a mathematician but also someone who was voted one of Australia's 50 most beautiful people in their equivalent of People magazine -- and remember this is the land of Nicole Kidman -- has a point. As she says, echoing G.H. Hardy's famous comment in 'A Mathematician's Apology': 'Mathematics is the study of patterns: their discovery, their interconnections and their implications.' And what is sexual behavior but the most intriguing pattern of all?" Read on for the rest of Cornell's review. Mathematics and Sex author Clio Cresswell pages 177 publisher Allen & Unwin rating 8/10 reviewer book_reader ISBN 1741141591 summary A very nice introduction to the modelling of inter-personal behavior

The way one studies patterns mathematically is by building models for the behavior being modeled. This is why most of this book is about mathematical models for interpersonal behavior. Well, that together with some amusing anecdotes that make the book a fun read even if you know the literature very well. Still, before I go any further with this review I want to remind everyone that the key question to ask oneself when reading any book that does mathematical modeling of any topic is always the same: are the models built realistic?. Mathematicians can't answer this question: only research by scientists (i.e., experience) can. Einstein probably put it best when he said:

"As far as the laws of mathematics refer to reality, they are not certain, and as far as they are certain, they do not refer to reality."

While we do study models for their applicability and their eventual predictive use by and for science, mathematicians can and do also study them for their intrinsic mathematics beauty, and some of the models Cresswell discusses in this book are certainly very pretty (in the mathematical sense of beauty--because the solutions are elegant, though the pun is intended.)

As an example of what this whole subject is like let me tell you about a long-studied model of interpersonal behavior that the author discusses in Chapter 3, a chapter titled "Road Testing the Bed"--I kid you not.

"You have to choose your life mate. The rules we adopt for this model are that you will be presented 100 choices one after another, you may date them, sleep with them, whatever. But, at the end, you must say yea or nay and if you say nay, you will never see them again."

What strategy should you adopt? Well, if you wait to the end, the odds are only 1/100 that the last person is the optimal choice; ditto if you choose the first person. The modeler then asks: what strategy should you adopt for optimum results? A little bit of mathematics involving infinite series gives the answer. You can prove mathematically that the best strategy is to look at (approximately) the first 36.787944117144235 people (rounding it to, say, 37 people) and then you should choose the first person from that point on that is 'better' then the previous 37 people. This increases the odds of your finding the best match from 1% to about 37%- roughly a 37 times improvement. (In the pre-politically correct literature this model was called "The Sultan's Dowry Problem," or "The Secretary Problem"; now, alas, it is usually called simply an example of an "Optimal Stopping Problem." )

Is this a good model for how we behave? Is this a strategy that one can realistically adopt? Certainly, 100 possibilities seems like a lot of choices to have if one is not the current day equivalent of a sultan -- a movie star or an athlete. But the model is intriguing, if not totally realistic and applicable.

Models that spring from modification of the rules of the Sultan problem have always been one of my favorites in this area. This makes Chapter 3 my favorite chapter: it is chock full of goodies with lots of interesting variations of the original problem, and thus even more interesting models. Some may be far more applicable. For example, if you get to play the cad and can keep potential mates 'stockpiled,' then, by stockpiling seven potential mates, there's a strategy that you can use to increase the odds of finding the best one to 96% or so! Or, in another variation of the model, whose solution she refers to as the "twelve bonk rule," there's a result that says that if you simply want to ensure that your choice is better than 90% of the other choices available, simply 'sample' the first 12 possibilities and pick the first person who is better after the first 12. This strategy gives you a 77% possibility of success.

I obviously can't go over all the models she builds, the interesting results she cites, or the interesting observations she makes in a review so let me simply give you some of the high points of the remaining chapters:

Chapter 1 is entitled "Love, sweeeet love" and mostly consists of showing you various differential equations that can model love's attraction and repulsion i.e. variations on standard "prey-predator models." For example, she mentions the following model of attraction:

"The more Romeo loves Juliet, the More Juliet wants to run away ... Romeo gets discouraged and backs off, Juliet finds him strangely attractive. Romeo tends to echo her..."

This model gives rise to a standard and very simple first order differential equation. She then talks about more sophisticated versions of this model including one by Rinaldi that tries to model a famous love poem by Petrarch. (Personally, I think these models are only useful for learning differential equations but don't shed much light on the problem.)

Chapter 2 is called "Marriage and the Happily Ever After" and describes models for behavior in a relationship, including an analysis of how absurd the folk tale is that more sex occurs in the first year of marriage then in all subsequent years combined. Probably the most interesting work she talks about in this chapter are the models by Guttman et al. intended to analyze conversations between lovers to determine if the relationship is on the rocks. In this case the models they build are known to be highly accurate in predicting problems in the relationship.

Chapter 4 is entitled "Dating Services -- are you really being served?" and it has a fascinating analysis of the perils of questionnaires that try to match too many variables (i.e. why those questionnaires don't help that much). As she points out, this is called the "curse of dimensionality" in the literature. The problem is that if you are trying to determine whether two points are very close in n-dimensional space where n is large, you are unlikely to get a whole lot of difference between points and so closeness doesn't really matter much.

Chapter 5 is called "Pairing Up," and shows how Game Theory can (should?) enter into the problem of "choice" preferences. This chapter is a very nice gateway into models that are studied in the greatest depth in economics; there is an incredibly interesting literature on these issues. One should start with Arrow's paradox on voting (that most logical axiom systems for building choice models are actually inconsistent and can't simultaneously be satisfied) and then work up to real problems with how congressional seats are allocated in the United States. Wikipedia has good articles to start with on these models.

Chapter 6 is called "Action Reaction Attraction" and is about ways to model people's attractiveness. This means things like symmetry as a cross cultural model for beauty, and waist-to-hip ratio for females as a cross-cultural model for male choice. Whether these models are correct is an extremely active area of research in anthropology and evolutionary psychology. The jury seems to still be out, but the evidence for their truth is certainly growing.

Chapter 7 is called "Pick a Sex, Any Sex" and is a tantalizing hint of what the mathematics of evolution is all about. In particular this chapter includes a nice discussion of how sex itself can evolve. (It seems paradoxical that the question of how sex itself can evolve is not yet resolved. After all, in a naive "selfish gene" approach to evolution, it would seem seem that asexual methods of reproduction win hands down. But, as usual, the issues are more complex then naive models would predict. For example, who would have thought that parasites might be the reason sex arose? Again, for more details on the science behind the models the author discusses, you can start with a useful Wikipedia article. Ridley's popular science book called the Red Queen (or anything by Maynard Smith) is where to go next.

Chapter 8 is titled "How Ovaries Count and Balls Add Up," and is about models for feedback levels of hormone concentration and circadian rhythms and didn't particular interest me.

Finally, Chapter 9 is called "Orgasm" and I'm not going to summarize it, since that would be telling.

To sum up, is this book perfect? No. I think more mathematically literate people would like appendices which give some indication of the deeper math behind what she discusses. For example, the math that shows why the answer I gave above to the Sultan's choice problem really is approximately 36.787944117144235 - or more correctly n/e, where e is the base of natural logarithms and n is the number of choices one has to go through, is well within the reach of any 2nd year calculus student. The differential equations she introduces in other chapters can be understood by anyone with a good engineering or math background. The game theory and even a proof of Arrow's theorem should be accessible to any literate person etc. As is, though, anyone with even some knowledge of or interest in mathematics will find this book great fun.

You can purchase Mathematics and Sex from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Martin Ecker writes "Two-dimensional user interfaces (UIs) have been around for a long time, and people are accustomed to using them. However, 3-dimensional user interfaces have not yet received as much exposure. Only a select few applications utilize 3D UIs, some with more success than others. The book 3D User Interfaces: Theory and Practice (published by Addison-Wesley) attempts to give a broad overview of the field of 3D user interfaces. It discusses the hardware devices and the software techniques required to build successful 3D UIs and gives a number of design guidelines to follow when having to develop new 3D interaction techniques for specific applications." Read on for the rest of Ecker's review. 3D User Interfaces: Theory and Practice author Doug A. Bowman, Ernst Kruijff, Joseph J. LaViola Jr., Ivan Poupyrev pages 478 publisher Addison-Wesley Publishing rating 7/10 reviewer Martin Ecker ISBN 0201758679 summary An extensive overview of 3D input and output devices, 3D interaction techniques, and 3D user interfaces.

The book contains 13 chapters, divided into five parts. The first part contains two short chapters that introduce the basic concepts of 3D user interfaces, give a bit of history of 3D UIs, and define the scope of the book.

The second part discusses hardware input and output devices that are useful when developing 3D user interfaces. The first chapter in this part is on output devices and it presents various visual and auditory displays. Haptic devices are also discussed in this chapter. The following chapter presents 2D and 3D input devices that can be used with 3D user interfaces. The devices discussed include not only the classics, such as 2D mice, keyboards, and joysticks, but also 3D mice, tracking devices, and various forms of direct human input, such as via speech or via bioelectric signals.

The third and largest part of the book is on 3D interaction techniques. The first chapter of this part discusses the various ways that have been devised in the past to perform 3D selection and manipulation of objects. A vast number of techniques are presented in this chapter, from various pointing and virtual hand techniques to widgets for rotating an object. The following chapters discuss techniques to allow navigation through virtual worlds and user interfaces, in particular techniques for traveling and pathfinding. The following chapter is on system control and it discusses how to control the system via commands, such as using graphical menus, voice and gestural commands, or real-world tools. Finally, this part of the book contains a chapter on symbolic input, i.e. communicating text or numbers to the system, in the context of 3D UIs.

Part four of the book deals with designing and developing 3D user interfaces. For me, this was the most interesting part of the book because it shows how to put together the various input/output devices and interaction techniques presented in the previous chapters. This part also contains a chapter on evaluation of the design and implementation of user interfaces, an important aspect in order to ensure the usability of a user interface.

In the book's final section, the author takes a look at the future of 3D user interfaces with a focus on the combination of the virtual world with the real world -- so-called augmented or mixed reality. This area has received quite a bit of attention from academic research in recent years.

Throughout the book, there are useful guidelines on designing usable user interfaces. Following these guidelines will probably not give you a perfect 3D user interface, but it will definitely help you avoid the common mistakes and pitfalls. It would have been nice if all the guidelines in the book had been put all together in a separate appendix in addition to having them spread out all over the book.

The book also has a number of images and illustrations. The figures throughout the book are in black and white, apart from a four-page color insert that depicts various hardware input and output devices.

This book contains a lot of information and is probably the most comprehensive book on 3D user interfaces I have seen to date. Pretty much every aspect of 3D UIs is covered in the book somewhere, with some topics being covered in more detail than others. If you're not familiar with 3D UIs at all, this book gives you an excellent introduction to this active field of research. If you are already somewhat familiar with the topic, this book offers you a comprehensive overview of the field and gives you many references to more detailed research articles and papers.

Martin Ecker has been involved in real-time graphics programming for more than 9 years and works as a games developer for arcade games. In his rare spare time he works on a graphics-related open source project called XEngine.

You can purchase 3D User Interfaces: Theory and Practice from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Motor writes with the review below of Frederik Pohl's The Boy Who Would Live Forever, a series book which he says escapes the release-early, release-often approach of some series. Read on for his take on the book. The boy who would live forever: A novel of Gateway author Frederik Pohl pages 384 publisher Tor Books rating 8/10 reviewer Motor ISBN 076531049X summary The latest Gateway novel The Boy Who Would Live Forever is a Gateway novel. I am sure a big proportion of Slashdot readers need no introduction to Frederik Pohl's Gateway universe. But here goes:

The original novel Gateway, published in 1976, was a Hugo and Nebula award winner and quickly burned itself into the memory of many SF readers. It told the story of the discovery of an asteroid full of alien (the Heechee) ships. The ships are completely functional, but with no way to decode the navigation controls the only possible trips are... well... mysterious. Desperate prospectors from a poverty- and famine-stricken Earth travel to the Gateway asteroid (as it becomes known) to take a trip in a Heechee ship hoping to find something unusual, and perhaps earn themselves a share in the Gateway Corporation. Some never return; some return only after their food and oxygen has long run out; some are sent to destinations that kill the occupants of the craft; a lucky few return to enormous wealth. Later books in the series expanded on the premise and the reasons why the Heechee abandoned many of their vessels and tunnels and vanished.

The Boy Who Would Live Forever is the sixth book in the series. The word 'series' stirs up thoughts of those interminable fantasy or SF series that are pumped out at regular intervals for cash. Gateway books, on the other hand, are pretty rare things:

• Gateway (1976)
• Beyond the Blue Event Horizon (1980)
• Heechee Rendezvous (1984)
• Annals of the Heechee (1987)
• The Gateway Trip (1990)
• The Boy Who Would Live Forever: A Novel of Gateway (2004)

So a new one is something to look forward to -- at least for me.

The Boy Who Would Live Forever (TBWWLF) begins with the story of Stan, a young man growing up virtually penniless in Istanbul. After his father dies he inherits a life insurance payoff that is just enough to take him and a friend to Gateway. Unfortunately Stan's long-awaited first trip in a Heechee ship comes to nothing. Even worse, he returns to Gateway to find that the secret of Heechee ship navigation has been cracked. No more wild rides into the unknown... and no more big payoffs. But Stan somehow finds himself on a Gateway trip that will make him one of the first humans to find the elusive Heechee.

Other narrative threads involve Gelle-Klara Moynlin: a character from previous books who spent time trapped and frozen in time at the event horizon of a black hole. Marc Anthony: an artificial intelligence, Gourmet cook, and numerous other talents besides. Wan: a rich spoiled psychotic who grew up on a Heechee artifact (the child of stranded Gateway prospectors) and his attempt to get get hold of a weapon capable of destroying a star. Sigfried von Shrink: the A.I psychotherapist from the first Gateway novel makes a repeat appearance. That rarest of things, a mentally unstable Heechee: made that way, unsurprisingly, by having to live with humans. And more details on the Kugels -- or "The Foe" as the Heechee call them -- a race of energy creatures hell-bent on eliminating organic intelligences.

Like most of Pohl's work, TBWWLF has plenty of humour and insight. Cultural misunderstandings between the amiable Heechee and the slightly clueless Stan provide plenty of opportunity for sly jokes, and Wan's obsession with getting back "his" Old Ones (the Australopithecus pre-humans he grew up with on the Heechee artifact) and their lack of personal hygiene are played for a few gags.

Despite being a novel, TBWWLF has been constructed from a number of short stories ("From Istanbul to the Stars", "In the Steps of Heroes", "A Home for the Old Ones", "Hatching the Phoenix") with original material added to tie them together. This is the cause of its only major fault: it is quite disjointed. Some of that is inevitable given that a big chunk part of the novel takes place within a black hole. But even allowing for the difficulties of stitching together a story from threads crossing a time dilation of 40,000:1... in which some of your characters only experience a week or two while others experience a thousands years... the novel still does not hold together satisfactorily as a story. There are entire chapters devoted to a faster-than-light trip to watch the Crab Nebula supernova occur and see the occupants of a planet of that system in its final days. Fascinating it may be (and it is), but it never really feels like part of the novel. The varied threads do eventually come together to provide a conclusion of sorts, but taken as a whole the book is really more of a tour of the Gateway universe.

However, I don't want to give the impression that this is a bad thing. Anyone familiar with the earlier books will find plenty to enjoy. Much of TBWWLF is concerned with filling in the gaps left by previous books -- such as telling the story of humanity's first contact with the Heechee, and some of the religious implications of machine storing humans when their organic bodies run out. New readers, though, might find themselves a bit lost among all the A.Is, downloaded humans, prayer fans, Ones, Twos and Fives.

The Boy Who Would Live Forever does have its faults as a novel, but it is a genuinely enjoyable read and it is a welcome addition to the Gateway series. One can only hope that Pohl is able to continue it.

You can purchase the Boy Who Would Live Forever from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Aeonite (Michael Fiegel) writes "Mark Jeffrey is probably best known to Slashdotters as an online media entrepreneur and one of the co-founders (along with Mike Maerz and Jim Bumgardner) of The Palace, an avatar-based chat system popular in the late 1990s. Jeffrey is not to be confused with Neal Stephenson, though both men have websites featuring clockwork imagery, goatees, and novels which contain references to Sumerian mythology -- Stephenson's Snow Crash and Jeffrey's first novel, The Pocket and the Pendant. From a distance, one might be inclined to believe that similarities to Stephenson's own work are more than cosmetic: Jeffrey thanks Stephenson on the Acknowledgments page of his novel (along with Stephen R. Donaldson and Carl Jung, among others), and one Lulu.com review (mentioned in a press release) describes The Pocket and the Pendant as being 'like Stargate, Harry Potter, Snow Crash and the old Land of the Lost rolled into one.'" Read on for the rest of Fiegel's review. The Pocket and the Pendant author Mark Jeffrey pages 220 publisher Lulu.com rating 5 reviewer Michael Fiegel ISBN 1411613236 summary In a world where time has no meaning, one boy stands alone against the forces of darkness.

In my estimation, that's a lot like saying that chocolate chip cookies are "like flour, sugar, chocolate chips and vanilla rolled into one." Both statements are true, in part, though they leave out a lot of other ingredients, and mention some (Snow Crash and vanilla, respectively) which proportionally make up very little of the overall batter.

Granted, I know what the reviewer was thinking of when they wrote that assessment of the book; namely, the Sumerian myth. But beyond that, it's misleading to suggest that a Snow Crash fan would also enjoy The Pocket and the Pendant. I'd go so far as to say quite the opposite. Snow Crash was a Cyberpunk novel loaded with heavy doses of socio-political and religious satire, violence and sexual imagery, among other things. The Pocket and the Pendant is a fantasy novel that contains no overt satire, little violence outside of a few bruises, and nothing sexier than the word "girlfriend." To draw comparison between the two is akin to comparing Star Trek and Star Wars: about all they have in common is stars. One is science-fiction, the other's science-fantasy; one takes place in the future, the other "long, long ago"; one's got Wil Wheaton, the other's got Natalie Portman; one's designed for adults (Seven of Nine, the Borg), and one's focused on a younger audience (Jar-Jar Binks, the Ewoks).

Given that dichotomy, The Pocket and the Pendant falls squarely in the Star Wars/fantasy half of the speculative fiction genre. As a longtime fan of Star Wars, I can't say that's a bad thing. There's much that's good about this book, and as a first novel it shines far brighter than many works I've laid eyes on. However, there are some uneven spots that must be acknowledged along the way.

Humble Beginnings

After a brief prelude which sets up the action to follow we are introduced to the novel's protagonist, Max Quick. Max is introduced as being "a very strange little boy," a phrase that bothered me the first time I read it. As we will learn just a few dozen words later, Max is twelve years old, as are his peers, who are also, time and again, referred to as "little boys and girls." When I think of someone who's a "little boy" I think of the teenage Amidala in The Phantom Menace calling the 8-year-old Anakin "a funny little boy." I do not think of twelve-year-olds as "little children," but rather as pre-teens well on the way to adulthood: Natalie Portman's Matilda in Leon, who is twelve going on 32; Nabokov's twelve-year old Lolita, four-feet-ten in one sock; the drug-using pre-teens and barely-teens in Kids and Thirteen.

In the world of The Pocket and the Pendant, however, twelve-year-olds truly are "little boys and girls," possessed of a wide-eyed innocence that, while capable of being tainted and turned, is nevertheless omnipresent in the mannerisms and language of the main characters. Mention of "girlfriends" causes blushing, and one twelve-year-old character uses the term "tummy" and repeatedly refers to her mother as "Mommy." Consider the following dialogue:

" Can you hear me?"
"Yes!" came the little girl's voice from somewhere above, now sounding more hopeful. "Oh, yes! Whoever you are, can you help me, please?"
"Yes, I will, I promise," Max called back. "What apartment are you in?"
"912," she yelled back, "The door's open! Hurry! I'm scared!"

The only child in the book who's portrayed as truly malicious and evil is Ace, described as a "big kid" by the author in a clear effort to put at least several years between him and the "little twelve-year-olds." While it's true that there are some young antagonists who have reverted to barbarity, even their actions seem more like a foolish game than true maliciousness, bringing to mind scenes from Lord of the Flies or Mad Max: Beyond Thunderdome or even Peter Pan, kids turned savage not by choice, but by circumstance. Sasha, one of the most vicious-tongued of these savage "Serpents & Mermaids," even joins the other "good little children" on their quest after a time.

In all, there are four heroes in the novel, all presumably in the same age range, all "just four little kids" as described by our hero, Max Quick, himself. He's accompanied by Casey Cole, his female sidekick (and not his girlfriend, as he insists); Ian Keating, a British transplant, here playing the role of Spock to Quick's Kirk; and, of course, Sasha, who comes in late and serves mostly as a plot device, conveniently tripping or falling into trouble when necessary. As to the plot ...

All The Time In The World

The action begins for our heroes as it ends for everyone else on the planet: on April 9th at 3:38, in the middle of a solar eclipse. That's the moment at which time itself stops. Mothers are frozen in the middle of making breakfast, fathers are paralyzed as they drive to work, and children are stuck fast as they head home not to play GTA San Andreas, but to eat lemon and jelly sandwiches and play hide-and-seek (for such is the world of Max Quick). In fact, it's not just people who are affected, but presumably the entire universe itself: the wind stops blowing, flocks of birds halt in mid-flight, and waves become frozen on the ocean, each immobile and essentially as hard as stone.

As it turns out, not everyone is stuck in time. There's Max, of course, who quickly discovers that while the rest of the world is stopped, he has gained respectively supernatural powers, able to "whoosh" about with great speed and hear across great distances since everything else in the world has fallen silent and still. He soon rescues Casey, who has discovered two powers: first, the ability to "fall inside" mirrors in order to escape from danger; and second, the ability to rub objects to "heat them up" and unfreeze them from time. This discovery leads to one of the more unintentionally amusing lines in the book if you're an adult:

Everything seems to be like that: slow and sticky -- but I figured it out: if you rub it and heat it up, it comes loose and then you can use it." She beamed.

The unwitting double-entendre there makes me question the assessment that The Pocket and the Pendant is "a fast-paced adventure sure to thrill young and old alike." Clearly, the author intends this line to be read from the perspective of an innocent child, discovering a secret and describing it in perfectly obvious and appropriate terms, but I think it is likely that only a child (or "young adult," as the library likes to call them) will be able to take that at face value. But on with the story...

Max and Sasha, in an attempt to uncover the mystery behind the stopped time, soon encounter a rogue band of youth gone wild, which leads to a very clever battle set inside a time-stopped bank of fog, and the eventual capture of our heroes. Luckily, they discover a disgruntled member of the gang (Ian) who is able to help them escape via a magical book-cum-"deus-ex-machina". At first, it seems strange that the novel interjects a magical tome into what had previously been a more science-oriented storyline, and stranger still that the characters all seem to just accept this magical object at face value. But as the plot unfolds, this becomes more acceptable to the reader; as we discover, not only is there a reason for magic and science to exist side-by-side within the story, but there's a reason why the main character seems capable of embracing it all without questioning it.

As the story evolves, we encounter more quantum-bending books, a Nam-shub (Sumerian incantation), UFOs, an entire army of alien centurions, and an insidious plot that involves a rogue planet, ancient Egyptian and Sumerian "gods" and the interference of Snow Crash's favorite god, Enki, one of the novel's most interesting characters despite the fact that he (and, perhaps, the author) seems to believe that all the world's problems can be solved by giving troubled children a bowl of ice cream (this happens three times in the course of the novel).

Enki gets some of the more interesting (and some of the more adult) dialogue in the novel, though I hesitate to use the term "dialogue" since it's mostly "monologue." Enki is not alone, however. Heroes, villains, diary entries and side characters all spout off great gouts of plot for pages and pages, at times explaining backstory, at other times (as with Enki) seeming to speak the author's own philosophical beliefs as they attempt to justify thousands of years of history, archaeology, religion and philosophy in one neat little storyline. One entire chapter is devoted to Enki's reconciliation of Sumerian mythology and Biblical references to Adam, the Nephilim, the Flood, Babel and the Serpent in the Garden of Eden. Not that it's done poorly here; on the contrary, it's done as tidily as Stephenson does in Snow Crash (which is to say, solidly enough to serve the plot, but probably not enough to stand up to actual scrutiny in the "real world"). Surely the RIAA would disagree, however, with Ian's concise assessment that good and evil are akin to users who share on P2P networks, and those who do not (respectively).

The Pocket and the Pendant

As Enki explains to our heroes, "The Pocket" of the title is the little "pocket of time" within which the characters find themselves through the course of the novel. To reveal more about the nature of this "pocket" is to spoil parts of the story, but suffice to say that it goes far deeper than your typical "time has stopped" trope, and involves weaving the concept of neural networks, the nature of consciousness and quantum mechanics into what Enki dubs "Dreamtime."

Various objects called omphalos -- special amethysts, diamonds, rubies, lapis lazuli, emeralds, etc. -- "contain echoes of the very Dreamtime itself", allowing users to alter reality in various ways. Some omphalos are used to allow users to travel faster, others to communicate across great distances. "The Pocket" was created by an omphalos called the Chrononomicon, and "The Pendant" is another omphalos which the novel's villains are searching for within "The Pocket." It has the capability of affecting the entire human race, and whether or not they can be stopped before achieving their goal is ultimately on the shoulders of Max Quick and his three friends. If the heroes succeed, the world will be saved from evil. If they fail, all humankind will be enslaved, just like the band Planet Furious, who are, late in the book, "thawed out" and forced to perform onstage for an army of villains in what has to be one of the silliest scenes in the novel.

Not that there's anything particularly wrong with "silly" in a children's book. Scenes like this are bound to capture the imagination of younger readers. But adult readers are going to have a hard time grasping the relevance of "Johnny Jupiter, Sophisto, Frankie Mercury and Sid Venus" in a novel which, pages earlier, was going on about quantum mechanics and the nature of reality.

Who's The Audience?

This issue is addressed in this review over and over again, precisely because of the author's apparent intent:

"The novel is written for both adults and young adult readers alike," says Jeffrey in a press release about the novel. "I consciously wrote in a fast-paced and humorous style accessible to both audiences, yet didn't want to create something 'kiddie'.

All told, before the book is out, we'll have encountered references to ancient Sumeria, Judeo-Christian mythology, quantum physics, time travel and astronomy -- heavy, weighty topics that will probably fly over the heads of many children reading the book. We'll also have encountered children calling each other names, characters who speak in "kiddie" language to one another, a "Beep-o-tronik" cell phone and a "Vicious Cycles 'Sportstervarius' motorcycle." These two things -- adult language, and childish language -- exist not together, but side by side, separate and noticeably unequal. Consider the following, from page 180 and 181, respectively:

It was the same kind of feeling one got looking at an Escher print. It was numinous, chthonic.
The gestalt was one of controlled geometric chaos -- triangular, dodecahedral, octagonal and tetrahedral shapes in every direction.

"...I forgive you." She paused a moment and then added, "I even forgive you for what will happen to my Mommy."

The novel certainly has pieces that are appropriate for older readers, and it definitely has pieces that are intended for younger readers, but I am hard pressed to say that it can appeal as a whole to either group. Due to the nature of the story and the fact that the protagonists are children, my gut instinct is to suggest it's definitely a children's book. I can see a child enjoying the book much more easily than I can see an adult finding it all fulfilling. Slashdot is mentioned on page 67, but I don't think the typical Slashdot reader would find the novel really and truly fulfilling. However, their children probably would, especially if mom or dad was there to explain what "numinous" or "chthonic" meant.

This is not to say that adults cannot enjoy such novels. Many a children's novel has been embraced by adults: The Lion, The Witch and The Wardrobe, A Wrinkle In Time and The Hobbit spring immediately to mind, and of course there's the ubiquitous Harry Potter and much of Piers Anthony's work, especially the oft-forgotten Mode books. Such novels contain worlds where youthful innocence is threatened on the path toward experience, and children (or hobbits) are forced to grow up faster than they might like in order to save themselves and others. The Pocket and the Pendant is at home with these books, not with Stargate or Snow Crash. And that's good company to be in.

Nuts & Bolts

It's worth mentioning the book's layout, at least in passing. The number of lines varies from page-to-page, with some pages leaving a more comfortable 1/8" white gap above the rule at the bottom, and others cramming an extra line in there, seemingly at random, but likely due to the somewhat inconsistent spacing between sections within each chapter, some of which are quite wide, others narrower. Rather than being fully-justified (with even edges on both sides), the book is merely left-justified, with ragged right edges. While not a mortal sin, it's at least venial, making the text hard to read in some places where words sorely in need of hyphenation are instead dropped to a new line:

For his part, Max was surprised to find that there was something disturbingly
familiar about Mr. Siren also. Then, Max caught a flash, a snippet
of...something. He blinked in confusion and tried to concentrate.

From a stylistic standpoint, one annoyance is that the novel's main villain has a habit of speaking in pseudo-archaic English, with "thee," "thou" and "thy" peppering her speech, presumably in an effort to make her seem older and more alien. While I would normally consider this as egregious a sin as George Lucas burdening Jar-Jar Binks with Jamaican patois, I will let Jeffrey off the hook here since he has one of the characters question this very issue late in the novel, in a rather amusing scene.

Far worse, however is the author's unfortunate habit of liberally sprinkling his text with italics for emphasis. I cannot find a single page in the book that does not contain at least one or two italicized words. In general, one uses italics as a means of emphasis only sparingly, and the overuse in this novel leaves the reader a bit seasick, riding a roller-coaster of emphasized words up and down, up and down. Much of the time, one can chalk this up to the gushing exuberance of an excited speaker, but at times, such emphasis seems wholly out of place within the context of a given sentence:

Oh, it is you, I knew it was," she said, shaking her head. "But how can it be? I don't understand ... but I have no doubt: it's you alright."

Overall the book is well-edited, with only a handful of typos to be found throughout. One of the most amusing, repeated twice, is to be found on page 201 near the end of the novel, where a character unfortunately serves ice cream not in "bowls" but in "bowels." That's one your kids might actually notice, and laugh uproariously at.

Unintentional potty humor -- some things are funny no matter how old you are.

In Closing

For those who enjoy many of the other books mentioned above, The Pocket and the Pendant is a good, fun read. However, it's hard to get past the notable imbalance between the book's "adult" and "kiddie" elements. It will be interesting to see where the author takes his characters should he write a sequel to this novel, and if he's able to more thoroughly blend the weightier language with a consistently child-friendly storyline.

The best advice for those who are unsure of whether or not this is for them is to check it out themselves. A free preview of this novel, including the first two chapters, is available in .pdf format for immediate download from print-on-demand-publisher Lulu.com and www.pocketandpendant.com. The P&P website also includes cover art, news and updates about the book, a blog, and several other reviews.

You can purchase the Pocket and the Pendant from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Craig Maloney writes "Many Slashdot readers know how to secure a network, and many know how to determine if a security breach has taken place. Fewer readers, though, would know how to handle a security breach if corporate assets were involved. How would you cooperate with law enforcement when a crime has been committed on a computer?" For more questions, and the rest of Maloney's review of Warren G. Kruse II and Jay G. Heiser's Computer Forensics, read on below. Computer Forensics author Warren G. Kruse II and Jay G. Heiser pages 392 publisher Addison Wesley rating 8/10 reviewer Craig Maloney ISBN 0201707195 summary A good reference for what to do when computer crime happens

How do you get the evidence off of a computer, ensuring that it's capable of withstanding a defense lawyer's scrutiny? Maybe you would just unplug the machine and put it in storage awaiting a detective's arrival, but is that what we should do? What if the evidence is on a production server that can't be simply unplugged and put into storage? What if that evidence is slowly being erased as files are created and deleted on that server? How do you help build the case against a computer criminal? Hopefully you'll never have to worry about computer crime in your home or workplace but if you do have to worry, Computer Forensics will be an asset to your part of the investigation.

Who is this book for? Computer crime isn't simple -- it can range from damage done by simple script kiddies to corporate espionage by disgruntled employees, as well as sophisticated, multi-homed attacks by skilled crackers. Computer Forensics tries hard to cover a lot of these areas. The book includes a chapter dealing with laptop hardware, as well as ones on data hiding and encryption, and further chapters on putting evidence together and dealing with law enforcement. While these topics may be of interest to the Slashdot crowd, Computer Forensics focuses more on broad topics of interest to computer detectives faced with getting up to speed quickly with computer crimes and computer evidence gathering.

Several chapters are downright boring for anyone who has a modicum of computer experience. Finding out where e-mail is stored on Windows and Linux machines, or understanding what a root-kit is and what it does will be pedestrian for many readers. Nestled away between the necessary-but-pedestrian topics, though, are some very useful tools. The authors use netcat with tar to copy files between machines without disturbing the modification times (something I would never have thought to use). Novice users will find a wealth of tools and examples in these chapters. The tools used in the book tend toward open source and free tools, and rely heavily on Linux as the Swiss Army knife for handling file systems and files without disturbing them. Any reader should be able to put together a decent set of tools from this book.

Making it all work

Putting together a good forensic kit is all fine and good, but making sure your evidence holds up to the scrutiny of some high-powered, high-priced defense lawyer is much more important. The last chapter of Computer Forensics gives a brief introduction to the criminal justice system. The authors touch on notifying law enforcement agencies, search warrants, probable cause, interviews, subpoenas, dollar loss guidelines, and testifying as an expert witness, among other legal topics. The appendices of the book have checklists, flowcharts, and an incident report form to aid investigation and evidence gathering. These are invaluable resources for the system administrator of any public machine who needs to deal with law enforcement.

Conclusion Thinking about dealing with courts and law enforcement may not be at the forefront of any administrator's job, but it is a reality any administrator needs to think of and be aware of. Computer Forensics will at least make administrators more aware of what their legal options are, and of the form in which gathered forensic data needs to be presented as evidence. Computer detectives will find a good, if not rudimentary example of what to look for when investigating a computer crime scene. This may not be the most comprehensive book on the subject of computer crime, but it will point you in the right direction to help investigate it should it ever happen to you.

You can purchase Computer Forensics from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

prostoalex (Alex Moskalyuk) writes "After the Presidential election process and U.S. foreign policy directions, outsourcing is a topic guaranteed to stir up heated debate. Bill Blunden's Offshoring IT is not a 'how-to' guide, as one might expect from the title. It's a collection of stats, figures and opinions on outsourcing information technology to foreign providers." Read on for the rest of Moskalyuk's review; watch out too for my upcoming review of N. Sivakumar's Debugging Indian Computer Programmers: Dude, did I steal your job?. Offshoring IT author Bill Blunden pages 138 publisher Apress rating 5/10 reviewer Alex Moskalyuk ISBN 1590593960 summary The good, the bad and the ugly (but mostly the bad) on IT offshoring

Bill Blunden is the author of Cube Farm - a humorous autobiography and story of author's fruitless employment at Lawson Software. A physics major faced with the grand prospects of waiting tables after college graduation, Blunden is not a newbie in the unemployment world. Offshoring IT promises to give the reader "the good, the bad and the ugly" of IT outsourcing practices.

The book is not very long -- just five chapters -- but it's thorough, as each chapter packs data and statistics from various government and commercial reports. "Setting the stage" talks about general trends in the software industry and cost of education. "Measuring the trend" tells the reader which companies outsource, why they outsource and who's helping them with outsourcing. "The Offshoring Obstacle Course" describes existing outsourcing processes - when exactly should company start thinking about outsourcing, what type of jobs is most likely to go offshore, what's the difference between India, Ireland, Israel, Russia and Mexico. Finally, "Arguments in Favor of Offshoring" made it into the book just because the publisher requested a fair look at the other side's arguments (which shows which "side" Mr. Blunden is biased towards). "Arguments Against Offshoring" is truly the author's work with major myths and excuses about offshoring debunked.

Blunden points out that in order to compete in the global marketplace, countries like India invested in their educational system and constructed high-speed data networks, which provided the foundation for companies popping up with the capability to take over remotely as call centers, software development houses, and R&D departments. Meanwhile, the cost of going to Ivy League schools keeps going up, leaving the fresh graduates with six-digit debt -- debt which the Student Loan Corporation (division of CitiCorp) expects to be promptly paid. The cost of college education for those who choose to go this route stipulates adequate pay requirements after graduation, and in the world where IT is going offshore, the paycheck is often just not there anymore, which leaves the fresh grad owing money and needing immediate retraining or a career switch.

The book delves into specific industries and companies, looking at the outsourcing numbers and potential for jobs to be offshored. Blunden notes that while corporations made their offshoring figures public before, lately the backlash against going offshore has made PR departments suddenly avoid the topic. Blunden refutes the argument that only low-level jobs are being outsourced and points to Intel designing CPUs for wireless devices on campuses in India.

Chapter 3 focuses on reasons for outsourcing. According to Blunden, the more face-to-face interaction and management effort a job requires, the less likely it is to be outsourced. At the same time, many companies are currently exploring offshoring some of their projects, claiming that only non-essentials are going abroad. Outsourcing of small projects allows them to establish the necessary processes and test their service provider, so that when a bigger project comes along, the management can feel safer working with the same offshore provider.

Chapter 4 deals with pro-offshoring arguments. Even though the author states he only had to write this chapter to satisfy the publishers, the arguments he picks are ones that appear in the press quite often - namely, that offshoring means more efficient allocation of resources, better revenue projections, and increased shareholder value. In Chapter 5 Blunded goes on a crusade to discredit these arguments, though, saying that offshoring does not benefit average Americans, that only the top 5% of income earners benefit from increased shareholder values, and that frequently top management receives additional benefits while laying off the proles.

While the first two chapters of the book are filled with data, numbers and statistics, the last three chapters mostly read like an rant on the current state of affairs, which many of us may have gotten for free from the older members of the family at Thanksgiving. Blunden does have some valid arguments about the increased danger to national security and wealth due to offshoring, but you can't help but notice the feeling that the author feels entitled to a job provided by an American corporation, even though corporate America is bad-mouthed in the next sentence. To give Blunden credit, he mentions that sometimes reasons for offshoring include the low popularity of call-center and data-entry positions in the U.S. Americans view doing support for AOL and data entry for Cingular as grunt jobs, just temporary positions on the way to a better life, while for many Indians it is the ultimate career, and are thankful to the provider for giving them the opportunity.

Blunden also does not distinguish between different types of IT workers. The aforementioned AOL support soldier and top NASA scientist, designing microcontrollers for the next space mission would be aggregated into the same "IT worker" category. There's little detailed statistics on what sectors of IT are prone to outsourcing and which are pretty stable to be in. Sometimes the author plays little tricks with the reader to make his points across. On p. 106 he talks to an invisible IT manager: "Sure, you can hire six Indian engineers for the price of an American engineer. But if an American engineer can do the work of six Indian engineers, what's the difference?" Oops. Notice how by the time we get into the second sentence the equality in price gets substituted by equality in productivity. Just because 6 Indian salaries would equal to one American, the author assumes the productivity level is going to stay the same, making the example nonsensical, since why would you outsource if it's the same money and the same productivity?

Overall, it's an interesting book to read, although somewhat depressing, as it provides little pointers into how do the readers stay competitive in this marketplace or what needs to be done on the personal skills level to make oneself more valuable. You can definitely tell which side the author is leaning, but subjective writing makes the reading more interesting. Nevertheless, the title does leave an impression of being one giant complaint about the current state of affairs, and I don't think I will be re-reading it. Perhaps just loan it to my friends, who are in college pursuing IT-related careers.

In an attempt to stay up-to-date with his skills Alex reads and reviews many programming and technology as well as keeps the list of free ones available on the Web. You can purchase Offshoring IT from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

norburym (Mary Norbury-Glaser) writes "As the title suggests, Beginning MySQL Database Design and Optimization is intended for the range of users between novice and professional. It may seem difficult for one book to suit such a wide readership without losing readers on either end of the spectrum, or perhaps without providing adequate coverage to any particular audience, Apress has done what many other publishers have failed to do by providing an excellent series of 'novice to professional' books. An example of their dedication to detail and perfection is the inclusion of top-notch technical reviewers (Mike Hillyer, in this case, often found haunting Experts Exchange as one of the top MySQL experts) who provide expertise to the series. Authors Jon Stephens and Chad Russell have extensive combined PHP and MySQL experience that shows in the content of this volume. Readers with some MySQL experience who desire a broader range of instruction will gain much from this book. Experienced users will find quite a lot of valuable information that will extend their existing knowledge base. Concepts in design are better learned from the beginning to avoid repeating poor programming mistakes, but it's never too late to learn good practices." Read on for the rest of Norbury-Glaser's review. Beginning MySQL Database Design and Optimization author Jon Stephens and Chad Russell (Technical Reviewer: Mike Hillyer) pages 520 publisher Apress rating 8 reviewer Mary Norbury-Glaser ISBN 1590593324 summary MySQL Database Design and Optimization

This book focuses on MySQL 4.0/4.1 but also gives consideration to v.3.23 users as well as a nod toward v.5. The layout of each chapter gives a description of the topic of the chapter, followed by the meat of the chapter, a summary and what's next (how the context of this chapter ties into the subject of the next). There are numerous "notes", cautionary flags, tips, screen shots, code examples as well as thoughts from each author that provide explanatory asides to the content. The authors also provide references to other volumes, as needed.

A glance through the table of contents will give the reader a precise overview of what to expect in this book: Review of MySQL Basics; MySQL Column and Table Types; Keys, Indexes and Normalization; Optimizing Queries With Operators, Branching and Functions; Joins, Temporary Tables and Transactions; Finding the Bottlenecks, MySQL Programming; and Looking Ahead.

Chapter 1: Review of MySQL Basics gives a very quick (under 50 pages) summary of how to connect to the MySQL server; MySQL's identifiers and naming conventions for databases, tables and columns; a review of MySQL's syntax, writing basic queries and using basic commands (create, drop, select, insert, update, delete); and a discussion of the use of table, column and expression aliases. This section, while adequate, is clearly intended as an analysis of core information necessary to proceed to further chapters.

Chapter 2 follows with MySQL Column and Table Types, which deal with datatypes and structures used to store the data. The goal here is to help the reader design effective tables (and therefore create a well-designed and efficient database) suited to the particular type of data at hand. Numeric types are covered in depth; strings, the null value, ENUM and SET are also addressed as well as common "gotchas" and developer errors.

Keys, Indexes and Normalization come naturally in Chapter 3, with optimal data handling the goal: the chapter addresses getting data in efficiently and getting the results out efficiently, eliminating redundant data, appropriate uses of indexes and common index creation errors.

The core of the book is clearly Chapter 4, "Optimizing Queries with Operators, Branching, and Functions." Here, optimization skills are honed; manipulation and filtering of data is one of MySQL's strengths and this chapter shows the reader how to replace less-than-ideal program logic with SQL constructs to precisely adjust query performance. There's a good demonstration here of outputting a list of member data to a web page. The ultimate goal in this chapter is to provide the reader good skills that translate into better efficiency and faster database interaction. As the authors point out, one obvious logical consequence of this is easier migration between platforms and programming languages.

The next reasonable step is to look at additional features that MySQL has up its sleeve that will save the developer time and effort in the overall scheme of application development. Chapter 5, "Joins, Temporary Tables, and Transactions" discusses three of these additional features. The authors carefully point out that each of these eliminate excess queries needed to pull data, decrease code overhead, minimize the need to store data as application logic, decrease the number of bugs that appear in code and help guarantee data integrity (an aspect of database design that unfortunately often takes a back seat to other priorities as developers are often not concerned with the validity of data in a real world sense; i.e. from the user's perspective).

Chapter 6, "Finding the Bottlenecks," addresses modifying system configuration variables outside of the default and how these can dramatically affect performance. The authors look at some available free tools that help monitor server performance and enable configuration changes including mytop, WinMySqlAdmin, phpMyAdmin and the new MySQL Administrator (available from MySQL AB). MySQL caching capabilities and the ability to decrease repetitious read/writes to disk (good table, key and query caching within MySQL) are discussed. Finally, database interoperability and abstraction layers are mentioned in terms of performance penalties vs. making life easier for the programmer.

MySQL Programming is the topic of Chapter 7, where a very good discussion of the MySQL API is provided. There are a lot of useful examples in this chapter covering many of the common MySQL APIs available (PHP's MySQL and MySQLi, Pythons's MySQLdb, ODBC, Perl's DBI), along with feature discussions and examples.

The final chapter, "Looking Ahead," examines MySQL v.4.1, 5.0 and 5.1 and some eagerly awaited new features, including stored procedures, stored functions, views and triggers.

This is a well-rounded volume on MySQL design. There are excellent examples and the flow of the text is conversational without being rambling and unstructured. The authors have obviously taken great pains to minimize tangents and extraneous information; pithy, but with sufficient detail in mind. The reader is left with neither the sense of being overwhelmed nor longing for an explanation for a glossed-over topic. This book is pretty much a "must have" for a MySQL programmer looking to bridge the gap between novice and professional.

You can purchase Beginning MySQL Database Design and Optimization from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

honestpuck (Tony Williams) writes "With Apple's iPods sitting under many Christmas trees come the morning of December 25th, the question arises as to what might sit well next to it. I'm suggesting one of these three books might be just the ticket." Read on for Williams' reviews of three iPod books. (See each) author (See each) pages (See each) publisher (See each) rating (See each) reviewer honestpuck ISBN (See each) summary Three different books on the iPod. The iPod Fan Book iPod Fan Book author Yasukuni Notumi pages 90 publisher O'Reilly Media rating 6 ISBN 0 596 00776 0

The first impression you get of O'Reillys iPod Fan Book is of the packaging. A small volume (about the same height as the iPod and twice the width) it comes with a half-height wrap that has the title and author on the front and the bar code, price and a short contents on the back. Take this off and you have a full-size cover with all the simple elegance of the white iPod itself. The front features the wheel of a 4G iPod and the back has just the Apple logo and "iPod" in Apple's distinctive typeface below it. Remove this second cover and you have a book with a simple design of grey with a white border, the back is blank and the front has the title and the subtitle "Go everywhere with iPod" in small type.

This concentration on design flows through the rest of the book. It is visually stunning; at the same time, effort has been made to make the design useful. The pages are visually tabbed to make it easy to navigate the seven chapters. Each chapter is tabbed in a different color reflected through use of that color within the chapter. Full color pictures and screen dumps add to the legibility and usability of the book.

This book is also full of useful information for the newcomer to the iPod. A small amount is covered in the documentation you get with the iPod, but a great deal is not. Apart from a useful chapter on accessories, the book focuses on methods of getting the best from an iPod and how to organise your music.

To sum up this book: it is a little more style than substance and falls short of being the ideal book for all newcomers to the iPod (and even less for experienced users). On the other hand, the style makes the information that is provided readily accessible for all. I'd say this is the perfect companion to an iPod for a teen-age girl and if my 12-year-old daughter was getting the mini she has been hinting for, a copy of this would be included. (I expect that anyone who spent more than ten minutes deciding on the colour of their mini would probably love the elegance and style of this thin volume.) The price of $14.95 retail makes it a great impulse buy or stocking stuffer.

Hacking iPod + iTunes and iPod & iTunes Hacks

The other two volumes I looked at might seem like two peas in a pod. Scott Knaster's Hacking iPod + iTunes and Hadley Stern's iPod & iTunes Hacks certainly have a similarity in their titles and have almost identical cover prices of a fraction less than $25. The content of about half of each of these volumes covers the same territory, too. There are, however, differences in both the style and content between them. So, how to decide?

Hacking iPod + iTunes author Scott Knaster pages 259 publisher Wiley Publishing rating 8 ISBN 0764569845

For one thing, it seems that Knaster concentrates more on iTunes than the iPod, while Stern seems a closer balance between the two but once again this is only a slight difference.

Both volumes are clearly, and both cover a range of information for users all the way from a relative newcomer (someone who has read the supplied documentation and played around with their iPod and iTunes for a few days) to users who want to push the envelope by installing Linux, hacking iTunes with AppleScript, or finding cheap ways to stream music, to name just a few of the more adventurous topics covered.

The first real difference between the two volumes I found was that Stern has a few more hardware hacks, including some of the surreal sort of hack that often makes these books so much fun -- who would have thought of making your own iPod case out of cardboard, for example? Stern's book is also much more a Macintosh user's book: fully twenty of the one hundred hacks, for example, are devoted to AppleScript. (Not that Knaster ignores AppleScript - he has a chapter almost entirely devoted to it.) Knaster goes into more detail about such "hacks" as podcasting, RSS feeds, email and the iTunes Music Store.

iPod & iTunes Hacks author Hadley Stern pages 417 publisher O'Reilly Media rating 8 ISBN 0596007787

The books also differ in their layout and style. Stern, like all of O'Reilly's "Hacks" book authors, has a slightly dry, informative style with a large number of references to other hacks in the book in the instructions. Knaster's style is a little more tongue-in-cheek, with far fewer references to other parts of the book. Somehow Knaster's style appealed to me a little more, though he seems at times to take a little longer to give you all the information you needed.

Stern's examples are also a little more self-contained, while Knaster tends to give you a start, point you in the right direction and tell you where to go to get all that you needed. The two different ways they approach running Linux on the iPod is typical: Stern uses the uClinux kernel and gives you detailed instructions on how to get that into your iPod using dd, while Knaster uses the Linux on iPod project and gives less detailed instructions. Stern also tells you about Podzilla and a small pointer on developing applications for the iPod while Knaster just leaves you with Linux installed.

Deciding between these two volumes comes down to personal taste, and happily both authors provide samples for you online. For Knaster's book you can go to the Wiley site for Hacking iPod + iTunes , where you can get a table of contents, the index and the first chapter. You can also visit Knaster's site for Hacking iPod + iTunes , where he has a blog on the iPod and pointers to more hacks from the book and some other cool and useful stuff.

For Stern's book you can go to O'Reilly's page for iPod & iTunes Hacks for the usual table of contents and index. It also has a link to a page with ten example hacks, there is also an article on O'Reilly's "Digital Media" website with a further five example hacks.

I'm not going to attempt to decide between these two volumes for you. If you think either might be useful, then have a look at the examples and decide which style suits you best.

You can purchase iPod Fan Book , iPod & iTunes Hacks and Hacking iPod + iTunes from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

honestpuck (Tony Williams) writes "With Apple's iPods sitting under many Christmas trees come the morning of December 25th, the question arises as to what might sit well next to it. I'm suggesting one of these three books might be just the ticket." Read on for Williams' reviews of three iPod books. (See each) author (See each) pages (See each) publisher (See each) rating (See each) reviewer honestpuck ISBN (See each) summary Three different books on the iPod. The iPod Fan Book iPod Fan Book author Yasukuni Notumi pages 90 publisher O'Reilly Media rating 6 ISBN 0 596 00776 0

The first impression you get of O'Reillys iPod Fan Book is of the packaging. A small volume (about the same height as the iPod and twice the width) it comes with a half-height wrap that has the title and author on the front and the bar code, price and a short contents on the back. Take this off and you have a full-size cover with all the simple elegance of the white iPod itself. The front features the wheel of a 4G iPod and the back has just the Apple logo and "iPod" in Apple's distinctive typeface below it. Remove this second cover and you have a book with a simple design of grey with a white border, the back is blank and the front has the title and the subtitle "Go everywhere with iPod" in small type.

This concentration on design flows through the rest of the book. It is visually stunning; at the same time, effort has been made to make the design useful. The pages are visually tabbed to make it easy to navigate the seven chapters. Each chapter is tabbed in a different color reflected through use of that color within the chapter. Full color pictures and screen dumps add to the legibility and usability of the book.

This book is also full of useful information for the newcomer to the iPod. A small amount is covered in the documentation you get with the iPod, but a great deal is not. Apart from a useful chapter on accessories, the book focuses on methods of getting the best from an iPod and how to organise your music.

To sum up this book: it is a little more style than substance and falls short of being the ideal book for all newcomers to the iPod (and even less for experienced users). On the other hand, the style makes the information that is provided readily accessible for all. I'd say this is the perfect companion to an iPod for a teen-age girl and if my 12-year-old daughter was getting the mini she has been hinting for, a copy of this would be included. (I expect that anyone who spent more than ten minutes deciding on the colour of their mini would probably love the elegance and style of this thin volume.) The price of $14.95 retail makes it a great impulse buy or stocking stuffer.

Hacking iPod + iTunes and iPod & iTunes Hacks

The other two volumes I looked at might seem like two peas in a pod. Scott Knaster's Hacking iPod + iTunes and Hadley Stern's iPod & iTunes Hacks certainly have a similarity in their titles and have almost identical cover prices of a fraction less than $25. The content of about half of each of these volumes covers the same territory, too. There are, however, differences in both the style and content between them. So, how to decide?

Hacking iPod + iTunes author Scott Knaster pages 259 publisher Wiley Publishing rating 8 ISBN 0764569845

For one thing, it seems that Knaster concentrates more on iTunes than the iPod, while Stern seems a closer balance between the two but once again this is only a slight difference.

Both volumes are clearly, and both cover a range of information for users all the way from a relative newcomer (someone who has read the supplied documentation and played around with their iPod and iTunes for a few days) to users who want to push the envelope by installing Linux, hacking iTunes with AppleScript, or finding cheap ways to stream music, to name just a few of the more adventurous topics covered.

The first real difference between the two volumes I found was that Stern has a few more hardware hacks, including some of the surreal sort of hack that often makes these books so much fun -- who would have thought of making your own iPod case out of cardboard, for example? Stern's book is also much more a Macintosh user's book: fully twenty of the one hundred hacks, for example, are devoted to AppleScript. (Not that Knaster ignores AppleScript - he has a chapter almost entirely devoted to it.) Knaster goes into more detail about such "hacks" as podcasting, RSS feeds, email and the iTunes Music Store.

iPod & iTunes Hacks author Hadley Stern pages 417 publisher O'Reilly Media rating 8 ISBN 0596007787

The books also differ in their layout and style. Stern, like all of O'Reilly's "Hacks" book authors, has a slightly dry, informative style with a large number of references to other hacks in the book in the instructions. Knaster's style is a little more tongue-in-cheek, with far fewer references to other parts of the book. Somehow Knaster's style appealed to me a little more, though he seems at times to take a little longer to give you all the information you needed.

Stern's examples are also a little more self-contained, while Knaster tends to give you a start, point you in the right direction and tell you where to go to get all that you needed. The two different ways they approach running Linux on the iPod is typical: Stern uses the uClinux kernel and gives you detailed instructions on how to get that into your iPod using dd, while Knaster uses the Linux on iPod project and gives less detailed instructions. Stern also tells you about Podzilla and a small pointer on developing applications for the iPod while Knaster just leaves you with Linux installed.

Deciding between these two volumes comes down to personal taste, and happily both authors provide samples for you online. For Knaster's book you can go to the Wiley site for Hacking iPod + iTunes , where you can get a table of contents, the index and the first chapter. You can also visit Knaster's site for Hacking iPod + iTunes , where he has a blog on the iPod and pointers to more hacks from the book and some other cool and useful stuff.

For Stern's book you can go to O'Reilly's page for iPod & iTunes Hacks for the usual table of contents and index. It also has a link to a page with ten example hacks, there is also an article on O'Reilly's "Digital Media" website with a further five example hacks.

I'm not going to attempt to decide between these two volumes for you. If you think either might be useful, then have a look at the examples and decide which style suits you best.

You can purchase iPod Fan Book , iPod & iTunes Hacks and Hacking iPod + iTunes from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

honestpuck (Tony Williams) writes "With Apple's iPods sitting under many Christmas trees come the morning of December 25th, the question arises as to what might sit well next to it. I'm suggesting one of these three books might be just the ticket." Read on for Williams' reviews of three iPod books. (See each) author (See each) pages (See each) publisher (See each) rating (See each) reviewer honestpuck ISBN (See each) summary Three different books on the iPod. The iPod Fan Book iPod Fan Book author Yasukuni Notumi pages 90 publisher O'Reilly Media rating 6 ISBN 0 596 00776 0

The first impression you get of O'Reillys iPod Fan Book is of the packaging. A small volume (about the same height as the iPod and twice the width) it comes with a half-height wrap that has the title and author on the front and the bar code, price and a short contents on the back. Take this off and you have a full-size cover with all the simple elegance of the white iPod itself. The front features the wheel of a 4G iPod and the back has just the Apple logo and "iPod" in Apple's distinctive typeface below it. Remove this second cover and you have a book with a simple design of grey with a white border, the back is blank and the front has the title and the subtitle "Go everywhere with iPod" in small type.

This concentration on design flows through the rest of the book. It is visually stunning; at the same time, effort has been made to make the design useful. The pages are visually tabbed to make it easy to navigate the seven chapters. Each chapter is tabbed in a different color reflected through use of that color within the chapter. Full color pictures and screen dumps add to the legibility and usability of the book.

This book is also full of useful information for the newcomer to the iPod. A small amount is covered in the documentation you get with the iPod, but a great deal is not. Apart from a useful chapter on accessories, the book focuses on methods of getting the best from an iPod and how to organise your music.

To sum up this book: it is a little more style than substance and falls short of being the ideal book for all newcomers to the iPod (and even less for experienced users). On the other hand, the style makes the information that is provided readily accessible for all. I'd say this is the perfect companion to an iPod for a teen-age girl and if my 12-year-old daughter was getting the mini she has been hinting for, a copy of this would be included. (I expect that anyone who spent more than ten minutes deciding on the colour of their mini would probably love the elegance and style of this thin volume.) The price of $14.95 retail makes it a great impulse buy or stocking stuffer.

Hacking iPod + iTunes and iPod & iTunes Hacks

The other two volumes I looked at might seem like two peas in a pod. Scott Knaster's Hacking iPod + iTunes and Hadley Stern's iPod & iTunes Hacks certainly have a similarity in their titles and have almost identical cover prices of a fraction less than $25. The content of about half of each of these volumes covers the same territory, too. There are, however, differences in both the style and content between them. So, how to decide?

Hacking iPod + iTunes author Scott Knaster pages 259 publisher Wiley Publishing rating 8 ISBN 0764569845

For one thing, it seems that Knaster concentrates more on iTunes than the iPod, while Stern seems a closer balance between the two but once again this is only a slight difference.

Both volumes are clearly, and both cover a range of information for users all the way from a relative newcomer (someone who has read the supplied documentation and played around with their iPod and iTunes for a few days) to users who want to push the envelope by installing Linux, hacking iTunes with AppleScript, or finding cheap ways to stream music, to name just a few of the more adventurous topics covered.

The first real difference between the two volumes I found was that Stern has a few more hardware hacks, including some of the surreal sort of hack that often makes these books so much fun -- who would have thought of making your own iPod case out of cardboard, for example? Stern's book is also much more a Macintosh user's book: fully twenty of the one hundred hacks, for example, are devoted to AppleScript. (Not that Knaster ignores AppleScript - he has a chapter almost entirely devoted to it.) Knaster goes into more detail about such "hacks" as podcasting, RSS feeds, email and the iTunes Music Store.

iPod & iTunes Hacks author Hadley Stern pages 417 publisher O'Reilly Media rating 8 ISBN 0596007787

The books also differ in their layout and style. Stern, like all of O'Reilly's "Hacks" book authors, has a slightly dry, informative style with a large number of references to other hacks in the book in the instructions. Knaster's style is a little more tongue-in-cheek, with far fewer references to other parts of the book. Somehow Knaster's style appealed to me a little more, though he seems at times to take a little longer to give you all the information you needed.

Stern's examples are also a little more self-contained, while Knaster tends to give you a start, point you in the right direction and tell you where to go to get all that you needed. The two different ways they approach running Linux on the iPod is typical: Stern uses the uClinux kernel and gives you detailed instructions on how to get that into your iPod using dd, while Knaster uses the Linux on iPod project and gives less detailed instructions. Stern also tells you about Podzilla and a small pointer on developing applications for the iPod while Knaster just leaves you with Linux installed.

Deciding between these two volumes comes down to personal taste, and happily both authors provide samples for you online. For Knaster's book you can go to the Wiley site for Hacking iPod + iTunes , where you can get a table of contents, the index and the first chapter. You can also visit Knaster's site for Hacking iPod + iTunes , where he has a blog on the iPod and pointers to more hacks from the book and some other cool and useful stuff.

For Stern's book you can go to O'Reilly's page for iPod & iTunes Hacks for the usual table of contents and index. It also has a link to a page with ten example hacks, there is also an article on O'Reilly's "Digital Media" website with a further five example hacks.

I'm not going to attempt to decide between these two volumes for you. If you think either might be useful, then have a look at the examples and decide which style suits you best.

You can purchase iPod Fan Book , iPod & iTunes Hacks and Hacking iPod + iTunes from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

Aeonite (Michael Fiegel) writes "When I was in fourth grade, my teacher once made the class grade each other's papers. As she read off answers, I stared in horror at the paper I had been given from the girl next to me. Every answer was wrong. Every one. By the time I had ticked off the 30th incorrect answer, I was practically in tears. I felt responsible, somehow, for the problems on the page. It would not be her fault that she failed, but rather my own fault for calling attention to her flaws. I felt ashamed. I felt awful. That was twenty years ago. I've gotten over it. That said, I have purposely not read any other reviews of the new 30 Years of Adventure: A Celebration of Dungeons & Dragons coffee table book, so I have no idea if other 'students' will judge this book in the same way I am about to. Which is to say, with a critical eye and a sad, sad shake of my head." Read on for Fiegel's review. 30 Years of Adventure: A Celebration of D&D author Peter Archer (Editor) pages 284 publisher Wizards of the Coast rating 2 reviewer Michael Fiegel ISBN 0786934980 summary A look back at 30 years of Dungeons & Dragons.

The inside book jacket explains that "(t)his book is a celebration of that phenomenon (D&D, natch) and a tribute to the millions of players who brought the Dungeons & Dragons experience to life." When I think of tributes, I think of missing-man formations flying over stadiums, of 21-gun salutes, and Taps played on a lone bugle. As a tribute, this book is the equivalent of a handful of cellophane balloons released from the rooftop of a children's hospital just before noon on a Sunday, with Kool and the Gang playing on a cassette deck nearby.

OK, perhaps that's harsh. Or perhaps you really like Kool and the Gang. In either case, I'll do my best to lay out my case clearly, and in the end you can decide for yourself if you think my harshness is justified or not.

The Cover

I walked by this book at Barnes & Noble five times before I noticed it, even though it was laying flat on a table, its cover clearly visible to me. As covers go, it's really not designed to catch the eye. It's a book designed for rogues, or wraiths, muted gold images wrapped within a translucent sheet of white plastic, making the whole thing look like it's being viewed through a heavy mist, or perhaps a Wall of Fog spell. The title, if you read it off as you notice the elements on the page, is something like "Years A Celebration of Dungeons & Dragons Of Adventure 30." The "30" in this case is represented by two 8-sided dice -- clever enough but very difficult to read. And why 8s? Why not 20s? Wouldn't that make more sense if we were trying to be clever? (Ed. It's been pointed out since I wrote this that it's actually a d8 and a d10, though my opinion stands.)

Front Matter

The book boasts on its cover that it features a Foreword by Vin Diesel. I guess this is high praise for the 16-year-old set who likes that movie where he drives around really fast, or maybe that one where he plays that criminal with the spooky eyes. I've got nothing against Vin Diesel, and I know he plays Dungeons & Dragons and all, but come on, folks. 30th Anniversary, and there's no place for Gary or Dave in your book? Throw 'em a bone. Hell, Steve Jackson could write a more appropriate Foreword.

For the young folk, "Gary" and "Dave" refer to Mr. Gygax and Mr. Arneson, respectively, two gentlemen who are peripherally involved in the role-playing industry. And yes, Gary Gygax does have a piece in the book -- but it was written in 1999. Somewhat tellingly, it includes the following statement by Mr. Gygax: "We were in a great hurry to get it done, and I was concerned about editing."

One wonders if the same could be said for this book.

At any rate, after Mr. Diesel's piece is an Introduction by the book's editor, Peter Archer, the brand manager for novels at Wizards of the Coast. His four-page intro is of particular interest for two reasons. First, it lays out the basic history of Dungeons and Dragons, from its roots to the release of Eberron. This history is important, because we're going to hear it retreaded and retold over and over and over again by different authors, and sometimes multiple times by the same author, on the pages that follow.

Second, and perhaps more importantly, his introduction is also some of the only text in the entire book which is grammatically correct, properly and cleanly laid out, and free of typos (at least insofar as I am aware). This book is positively awash in errors. If this were an OGL-released d20 product put on the market by a small publisher, said publisher would be lambasted for their sloppy work. I'm not about to pull any punches here because it's Wizards.

About the Graphic Design

Bad, bad, bad, bad, bad.

Listen, I'm not the world's foremost expert on layout and design. Heck, I consider myself a writer by trade, though I do layout at my day job. But it doesn't take an expert to take one look at this book and go "Yeagh."

"Yeagh," here, interpreted as a vomiting sound.

All the basic rules of design are broken for no apparent reason other than to give the book a "hip" or "cool" layout. Instead of being presented with the text at a normal 90 degree angle to the page, every single page has the text skewed to the right or the left, so you have to constantly wiggle the book back and forth, back and forth to read it clearly. And the page numbers are no help. They're little 10-sided dice in the margin on right-hand pages, difficult to read (I didn't even notice they were there until I was halfway through the book) and serving no purpose other than to look cute.

The skewing of the pages left and right, left and right, means that the text is forced to flow in unnatural ways across pages, leading to awkward widows and orphans (when single words or sentences are left abandoned at the top or bottom of columns) and horrible breaks between pages and even within sentences:

"And the best part is that as you defeat more
monsters and gather
more treasure your character's chances to fight
and survive improve."

Flowing text between pages is simple in today's desktop publishing applications. You set up text boxes on each page and then you just paste all your text into the first block. Magically, it flows through the entire document, filling the boxes. Then you just save the document and send it off to the printer. Well, you're not supposed to do that. But that's evidently what happened here. Just a wee tiny little itty bit of nudging could have made this book a billion times more readable. Consider:

"TSR tackled the task of translating the game" (next page) "into the French language."

Why not adjust the leading or spacing a fraction of an inch to bump this back so the entire sentence fits on the first page, avoiding the awkward break? It's easy, really. I do it every day.

"Every staple of fantasy/swords & sorcery fiction could" (next page) "find a comfortable home in the Known World."

This one is even more egregious. At the bottom of that first page, there's a full two inches of space. You could have fit an entire new paragraph there, much less eight words. Come on, guys.

All this comes to a head in the latter pages of the book, when numerous smaller sub-articles by the likes of Ed Stark and Ryan Dancey are interspersed with the main narrative in a confusing jumble, both the sub-article and the main article continuing on across two, three or more pages. This causes the reader to have to flip back and forth numerous times to try and follow the separate threads, with amusing consequences. I think at one point Peter Adkison interrupted himself.

Moving on, there's much to be said of the overall graphic design, and none of it is good. Artwork, lifted from 30 years of Dungeons & Dragons products, is sprinkled willy-nilly with little regard for the subject matter. Some dramatic pieces have their most interesting bits cropped off seemingly at random. Other pieces are just reversed out and pasted on black or dropped behind a red mask, presumably for a "dramatic effect" akin to passing around a bowl of spaghetti when your players discover a pit full of snakes. In a chapter on AD&D 2nd Edition, several 1st Edition AD&D books are pictured. In a chapter on the 2nd Edition Historical Sourcebooks, several cover images are used over and over again on successive pages. And so on.

Color schemes shift from page to page, with any notion of good contrast tossed out the window. Here we have black type on white, then black type on brown, then black type on brown with a gradient from light brown to dark brown, then white on red. Page 189 is one of my favorites. Heck, even the notion of simple reversed text is thrown to the wolves here: compare 208 to 211; same white on purple scheme, different degrees of brightness. No doubt some of the pages even feature black text on a black background, though not having elven blood in me I lack the Darkvision necessary to perceive this strange and cryptic Moon writing.

Even simple things like two-page splashes are handled poorly. Check out pages 196-197 (or rather, try and find them, since they're not numbered) and try and decipher the subtitle mashed into the gutter of the book.

About The Editing (or lack thereof)

I have no way of knowing exactly who's to blame here. As Editor, I could be quick to point a finger at Mr. Archer, but perhaps here "Editor" means that he pulled the material together and strung it out so it made sense, in which case he did a good job. Whoever was responsible for copyediting and layout, however, should have to do this book all over again from scratch, on their own time. Some of the mistakes made here are positively amateurish, others so obvious that it's incredible that they weren't caught before this went to press.

Some examples of typos, poorly-phrased sentences and other gaffes that absolutely should have been fixed by an editor, chosen randomly from about the book:

"My second greatest love however, next to acting was gaming."

"My own campaign world grew out of that original map that I took a half hour to draw. z" (sic)

"...we saw a merchant caravans crossing the desert..."

"I may remembering wrong..."

"1976 was a year of beginnings as the Ral Partha miniatures company appears on the scene."

"using your time in a ways that's entertaining but also enriching."

"Until TSR published that Gary Gygax's home campaign setting back in 1975..."

"We start in town and buy your stuff."

"poured over books" (referring to reading them, not dumping water on them)

"dire straights"

"silly to support two separately game lines"

"hen we released the third edition of Dungeons & Dragons..."

and the best, on page 253,

"Advance Dungeons & Dragons"

Lest you think me harsh, let me point out that these were all things I caught on my first read through the book. I'm not a professional copy editor by any stretch of the imagination, and I make mistakes all the time. But for a product which is made out to be this huge 30th Anniversary Celebration, you'd think someone would actually read through the thing one last time before it went out the door to try and fix stupid errors and clean up grammar. Sometimes Dungeons & Dragons is all caps, sometimes not. Sometimes Dungeon Master is capitalized, sometimes not. This is something a spell-checker could fix automatically had anyone taken fifteen seconds to run it.

Part of the problem (and no doubt, one of the arguments used to defend it) is the fact that a number of the typos and grammatical errors appear in one-page "celebrations" written by various people in the entertainment industry, some well known and others of more dubious fame. "We didn't make the errors," this mythical copy editor might say, "those people made the errors." To which I reply, any editor worth his salt knows that it's preferable to correct typos, fix punctuation and even slightly massage quotes to make them sound correct. No one wants to go down in print sounding like a goober, even if they typed the sentence out that way. They'd be happy you fixed it. We all would. Some of these little one-pagers read as if they were copied out of Outlook and pasted into InDesign without a second glance.

And speaking of stupid editing mistakes and one-pagers, take note of Nik Davidson's contribution on page 98. You'll be seeing it all over again on page 194. How this page got replicated, paragraph break error and all, is beyond me. It smacks of sloppiness, however, as does the whole book.

Which I will now discuss.

Chapter 1. The Adventure Begins

By Harold Johnson with Gary Gygax

As first chapters go, this is one of the worst. In fact, as all chapters ever written go, it's one of the worst, on countless levels.

To start with, the predominant color scheme in this chapter is red and black, which makes everything look as if the layout artist slit his wrists over his work in despair. Turning everything blood red does not make it more dramatic, guys. It makes it more muted and hard to see.

Then there are the stupid typographical errors. The introductory "adventure" is written across a two-page spread entirely in italics, for no other reason than to be in italics. Though the fact that it's difficult to read is certainly in its favor, as it's hardly stellar work, featuring numerous examples of the aforementioned bad spelling, run-on sentences, bad grammar and godawful writing:

"Two were warriors as could be seen by their swords, the dwarven one sported a long beard and held a heavy warhammer. The other two were something of an oddity-- the first wore long robes and carried a slender wand of white ash, his eyebrows were animated as he took in the scene. The other wore a loose fitting tunic and held a thin bladed dagger in one hand as his enigmatic grey eyes took in the setting."

Chris Prynoski's one page "celebration" (page 22) features more bad writing, including an obviously (and badly) contrived "example" of gameplay which introduces the words "fucked" and "piss" into the book for no apparent reason other than to be crass.

"What do you mean, 'What are you gonna do'? Don't I have to roll these fucked-up-looking dice or something? What am I supposed to do?"
"You can do anything."
...
"Okay. My guy pulls down his pants and pisses on the altar."
...
"I'm rolling to see what happens to you."
"Shouldn't I be rolling to see what happens to me?"
"I'm the Dungeon Master, dude."

Riiiiight. Maybe, just maybe, Mr. Prynoski is telling the story sans embellishment, as it actually happened. Even so, it should be up to an Editor to say "You know, this is the one single page in the book where we use profanity, so maybe I should EDIT the page to remove it, for consistency. Since I'm the Editor. And stuff."

Cardell Kerr's one pager, which faces Prynoski's, is fairly coherent, but there are little things that suggest -- like the rest of the book -- that these "celebrations" were all pasted together from emails with little or no editing:

"Wow . . . thinking about it, is almost embarrassing. I mean, kobolds would never ride dragons!"

Other such "celebrations" in this chapter include testaments from Stephen Colbert, Wil Wheaton, Sherman Alexie and Ben Kweller, whose enlightening thoughts include one of the best collections of unrelated sentences in the entire book:

"When I was young, I read a ton of the Dungeons & Dragons Choose Your Own Adventure books. Music's always been my one passion in life. I had piano lessons when I was growing up..."

This first chapter of the book also features sections entitled: "Where Did It Come From?", which reiterates the story of D&D's historical origins; "A Gathering of Gamers," which not only discusses GenCon's beginnings, but also reiterates the story of D&D's historical origins; and "The Birth of D&D," which reiterates the story of D&D's historical origins.

I only wish that they'd included a section that reiterated the story of D&D's historical origins. Alas.

Chapter 2. Worlds of Adventure

By Steve Winter with Peter Archer and Ed Stark

The second chapter of the book is a tour of the main campaign settings that have been featured in Dungeons & Dragons throughout the years. As a whole it's much better written and edited than the first chapter, with more factual and relevant information and less "golly-gee" gushing.

Things begin to turn around when Peter Archer discusses Dragonlance, though he does lead off his retelling of Krynn's development with an interesting bit of time travel, stating that "Tracey Hickman, a Mormon, had returned from his mission abroad in Indonesia in March 1980" and then later that "Laura Curtis had introduced Tracy to D&D in 1997 before he went abroad."

The portions written by Steve Winter are excellently done, this inconsistency leading me to believe that the majority of the book was self-edited by the respective authors, without a final pass-through at the end. Winter's piece on the Forgotten Realms is fascinating, containing anecdotes and information about the creation of the Realms that I was previously unaware of, and his sections on Mystara, Spelljammer, Ravenloft, Dark Sun and Planescape contain similar revelations.

In fact, my only real gripe with the bulk of this chapter are things I've mentioned previously: awful layout (including some truly bad design decisions in the Planescape section, inserting one-page "celebrations" in the middle of the main narrative in a confusing fashion), and the bad editing and inconsistent writing in those same one-pagers. Some of them (Dan Trethaway's, and Feargus Urquart's) are well-written and edited, while others are disjointed (Laurell K. Hamilton's) or somewhat self-serving and seemingly irrelevant (John Frank Rosenblum).

Chapter 3. AD&D 2nd Edition

By Steve Winter

I expected this section to be well-written and informative, as the author, Steve Winter, had demonstrated his ability to do both those things in the previous chapter. I was not disappointed. Here, Winter covers not only the origins of 2nd Edition, but the PHBR Reference Books, the Historical Sourcebooks and the infamous Black Box (aka 1070), which was one of the best-selling items ever (over 500,000 copies worldwide). Winter seems bittersweet writing about these products, recognizing their flaws and respective levels of popularity (or lack thereof). Though not laid out so clearly, this sense of melancholy is a good lead in to the next chapter.

Chapter 4. From TSR to Wizards of the Coast

By Peter Adkison with Ed Stark

This chapter talks about Adkison's view of the merger, from the point of view of Wizards of the Coast, interspersed with Ed Stark's view from TSR. It's an interesting way to present the information, and is informative and interesting. As mentioned earlier, the layout choice to intersperse and interweave these smaller sub-articles through the main narrative makes it somewhat difficult to read, but here it almost seems to benefit the section's two-headed approach.

Sub-sections of the narrative are entitled "How I Became a D&D Fan," "TSR Needed Help," "The Acquisition of TSR," "Wizards of the Coast" and "Building TSR to Last," all self-explanatory as to the sort of content they contain and all interesting. "How I Became" really gets across the wonder of discovery, and "Needed Help" explains in layman's terms how it was that TSR crashed and burned despite record sales. "Acquisition" includes information on Ryan Dancey and the million dollar fax, while "Wizards" and "Building" wrap up the narrative nicely, bringing fact and feeling together quite nicely.

As a whole, this is perhaps the best part of the entire book, though as it starts on page 200 of a 284 page book, it's not really enough to save the whole.

Chapter 5. Third Edition

By Peter Adkison

As one might expect, this chapter covers the origins of 3rd Edition, discussing some of the design decisions that went into its development and covering topics such as the Open Gaming License that modern gamers are probably more familiar with. Though informative, it's bound to be less interesting to most readers since, unlike previous material, it's neither truly historical (it discusses events of the past five years) nor really revelatory. The section also suffers horribly from the poor layout discussed earlier, with numerous sub-articles running alongside and in-between the main narrative. Overall, it's a confused mess, and a slight downturn from the previous chapter.

Chapter 6. Into The Future

By Ed Stark

Really more of an Epilogue than a Chapter in itself, this consists of more graphical content than actual information. Here, computer games, "mature" products like the Book of Vile Darkness and Hasbro's purchase of Wizards of the Coast are discussed in more detail, though not with as much "oomph" as other sections of the book. It all feels tacked on, a feeling exacerbated by the fact that on page 282, halfway through the section, suddenly none of the paragraphs are indented. And then there's this:

"But things remained quiet. There were a few shake-ups, but mostly outside the RPG R&D department. Hasbro didn't interfere with us, and we kept our heads down for them."

And we turn the page and...

Um.

That's the end of the book, folks. That's how it ends. Not with a bang, but a whimper. It's as if everyone just got tired of looking at it and stopped working on it. Appalling.

Credits

As far as I'm concerned, only three people need to be called out onto the carpet on this one:

First, the Editor, Peter Archer. Sorry Peter, but you get a C. I'll grant you that it's not like there's a typo on the front cover but there is, on average, one typo or other error on every page of this book. For every one perfect page there's one with two or three errors on it. The editing is at best inconsistent. The middle of the book is much better, but it's far from perfect, and the first chapter really ruins the mood early on. Since there's no copyeditor listed in the credits, I have to point the finger Archerwards. Maybe it wasn't your fault. But we gotta blame someone, and your name's listed first. But you're not alone.

Art Direction: Matt Adelsperger
Graphic Design: Matt Adelsperger & Brian Fraley
Typesetting: Matt Adelsperger & Brian Fraley

Together you guys get a D. This is really bad. Really. I can sort of comprehend how this was perceived as a cutting-edge art book with nifty crosswise and crooked layout, lots of colors and a slapdash, thrown-together look. I just think it looks sloppy. As an art book, maybe it's quite the achievement. As a celebration of the greatest RPG ever published, it sucks.

The Price

$49.95? Are you kidding me? For this? It's worth half that, and I expect it'll be half that in about two weeks when it winds up in the half-price bin. I'm not about to take my copy back (I can write it off on my taxes since I wrote this review, after all), but I'm not inclined to show it to my gaming friends.

Summary

This book does not make me want to celebrate Dungeons & Dragons. It makes me frustrated and sort of angry that this sloppy product was foisted off on us. So much more could have been done, and so much better. Even if no additional content were added, a cleaner layout with better use of graphics and a single pass through by a copyeditor could have caught most of the mistakes I mention above, and helped make it a delightful read. But alas, no. I see nothing stylish about being random and sloppy. If this were anything other than a Celebration of 30 years of D&D I might be more forgiving, but it isn't, and I'm not. We deserve better.

The middle of the book, especially the portions written by Mr. Winter and Mr. Adkison, are really interesting, fun and informative. But these highlights are dimmed by the broad shadow cast by much of the other material, including some of the more awful "gee whiz" one-pagers and the entirety of Chapter 1.

I'd recommend this book if you're a true fan, a completist, or if you have 50 bucks to spend. I would not recommend you buy this as a Christmas gift for someone else, because really they'll probably be disappointed, and you don't want that. Give them a $50 gift certificate for your FLGS instead. It'll be much more appreciated, and chances are the product they buy with that money will get them a much cleaner, much better edited product than this.

Let's hope the "50 Years of Adventure" book is a little better than this. Assuming we're still reading books in twenty years, of course.

You really could purchase 30 Years of Adventure: A Celebration of Dungeons & Dragons from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

sympleko (Matthew Leingang) writes with his review of Running Mac OS X Panther, by James Duncan Davidson. "The Macintosh has come a long way in twenty-plus years. Much has been said of Mac OS X being the perfect union of a rock-solid operating system with a beautiful and functional user interface. Since the iMac, Apple's market share has been steadily increasing, and since OS X, Unix users have been making the switch. My last computer was a dual-boot box that I kept finding excuses to keep from booting to Windows. My PowerBook is literally the best of both worlds. I can run the older unix-based apps I need to for work, and use Microsoft programs and play fancy games when I want. It's also essentially two different computers. This book is about using that second computer, the workhorse behind the scenes." Read on for the rest. Running Mac OS X Panther author James Duncan Davidson pages 306 publisher O'Reilly rating 9 reviewer Matthew Leingang ISBN 0596005008 summary Managing your Mac as a unix box

The book fills a certain niche very well. It is not the missing manual to the iApps or a list of Finder tricks. It's not a primer on Unix for people used to GUIs and Macs (that's Learning Unix for Mac OS X Panther , also from O'Reilly). This book is for users who have administered a machine or network before and want to get the absolute most out of their Mac. It's also useful for connecting your Mac to a network seamlessly. But it's complicated and technical enough if you're the kind of Mac user who doesn't have the Terminal on your dock you might be intimidated. That may not include most slashdot readers, but it's worth mentioning because part of the Mac ideology is that it works beautifully with little trouble. The Unix ideology, however, is also represented: if want to tweak it, you can.

The author illustrates both interfaces to the operating system throughout the book. There are Macintosh applications to access all kinds of system information, whether it's users and groups, preferences, system logs, or services. For those who love Unix and the command line, just about anything you can do with the GUI you can do with the CLI. This makes a nice two-tiered approach to anything you'll want to do. The GUI is fast and easy to learn, but some things (particularly automated tasks) really need to be done on the command line.

The book is written well, and if you happen to be sitting next to your computer while reading it, you'll be constantly torn between the two. There are lots of things you'll want to try right away.

Part I: Getting Started

This part has a charming history of the Macintosh, from the toaster to Panther, complete with snapshots (my favorite parts of these are the disk usage indicators: System Folder: 152K in folder, 167K available.) It's fun to read and discover where on the time line you came into the fold.

Here also is a basic layout of the filesystem, containing parts used by the more Macintosh-y side and the more Unix-y side. For instance, there are several directories (um, folders) called Library; these contain information which might be in an include, share, etc, or lib directory. Better put, these contain supplemental Mac-app-related, non-user data. For Unix applications, the /usr, /var, /bin, /sbin, /etc, are all there.

Of course, there are top-level places to store things, or user-level locations for essentially the same kind of data (applications, preferences, documentation). This is the concept of filesystem domains, which additionally include network and system domains. The whole idea is to allow customization to ordinary users without giving up system integrity and preventing all users from unintentionally corrupting things.

If you haven't used the CLI on the Mac before, the author gives a basic introduction to Terminal.app. Terminal by default uses the bash shell, but there are number of ways to change that if you want. Several text editors are available for editing through the terminal, but unfortunately, the author doesn't talk much about them. True, pico is self-explanatory and vi and emacs users will already have their followers, but a little more than how to exit these programs if they start accidentally (while that's quite useful information) would have been helpful.

There's important extra structure to Mac files that can be (accidentally or intentionally) unlinked on the Unix side. There are commands like ditto, CpMac and MvMac which take care of the important stuff and do exactly what their GUI counterparts do (and more than mv and cp). Also, there's open which is the analog of double-clicking (either apps or docs), and osascript which lets you write and run AppleScript scripts on the fly. More could have been said here about the differences between Mac files and Unix files. What of the resource fork?

Part II: Essentials

This is where the book's meat is. There is first a blow-by-blow account of what happens when you turn on your Mac. If you are interested in seeing all the gory details, you can always hold down Propeller-V during startup and see the BSD diagnostics (even if you don't know what these mean, it's nice to know some progress is being made. Though I love the taste of Mac Kool-aid, I often worry what's going on while that dial is spinning). You can change how the Mac boots by updating (at your peril, as usual) the Open Firmware settings on the chip with nvram. One nice bit of customization from Bell-and-Whistle Land: the graphic shown at boot time is in /System/Library/CoreServices/SystemStarter/QuartzDisplay.bundle/Resources/BootPanel.pdf. The /etc/hostconfig file has Unix-style host configuration information, such as what services get turned on.

Creating your own startup items is relatively easy; it's a matter of putting a directory, shell script, and plist file in /Library/StartupItems. You can also customize what happens after a successful startup. You can present a login window, auto-login as a specific user, or even allow dropping down to console login.

The larger and more powerful a computer gets, the more people want or need to use it, and the more important it is to make sure each user area remains separate. At the Mac lab at which I worked during college in the early nineties, we used RevRDist to make sure every computer in the lab mirrored one with just the right software, fonts, and windows in the right place. The Mac from which we mirrored was locked in the office, not to be touched. Now there are much easier ways to do this without wasting a computer.

It's easy to create and manage users using the the Accounts preference panel. The root user exists, but is essentially not needed. The person who installs the operating system becomes an administrative user, and can bestow that privilege on other users. On the command line, all administrative tasks can be done with sudo, which requires authentication as an administrative user to run, but which contains a slight memory so that passwords don't need to be typed at every command. Although it's discouraged, you can allow the root user to log in.

With the several filesystem domains, each user can manage his or her own preferences. Each application allows access to its own preferences, or they can be taken care of from the command line with the defaults utility. GUI means it's easy to do what you want without knowing exactly what setting to change; CLI means you can automate it easily.

Another important aspect of a multi-user system is in permissions. Like in any good unix, in Mac OS X files have permissions attached to them indicating whether the owner, other users in the owner's group, or all users are allowed to see, edit, or run them. This can be managed through the Finder (with the Get Info menu command), or with the command line with chmod.

Several applications in the /Applications/Utilities folder allow you to keep track of what's running on your Mac. The author demonstrates these:

• System Profile, which shows information about your system's hardware and software. You can use this to check out who made your hard drive and how much RAM you have. Also, every application installed in /Applications is registered here, so you can easily see what versions of which are there.
• Console is another great utility for monitoring your applications. It collects log files from /Library/Logs, /var/log, and ~/Library/Log in a tree for browsing. You can filter views of these logs easily, making this a little more pleasant than tail -f.
• To monitor processes themselves you can use Activity Monitor. Think of it as top on Macintosh Steroids. You can inspect processes to try and figure out what they're doing or kill them if they've stopped accepting input. For super users and developers, you can sample processes to figure out their inner workings. There is probably FMTYEWTK about processes, but it's good know it's there.
• To terminate processes, there's the Force Quit command from the Apple menu, or you can do it through Activity Monitor, or there's good old-fashioned kill.

At the core of the Mac filesystem lies, of course, the filesystem. The Mac OS X Extended Filesystem (HFS+) is powerful yet friendly. It's case-preserving and case-insensitive. The latter means that README and Readme are the same file, but the former means that your original name for the file will be kept without enforcement of case usage. So if you want to call it ReAdMe, that's oK, too.

One of the most powerful features of HFS+ is journaling. This means every change to the file system is kept track of in the event of a system crash. This causes a slight overhead but pays benefits in automatic recovery from crashes without having to run fsck (or be scolded by your computer for its own crash). Fragmentation is also handled smartly; files smaller than 20MB are moved so as to have less than 8 fragments.

Lots of other disk-related activities are covered, including:

• how to mount filesystems of other types, including CDs and DVDs, Apple Filing Protocol, Samba, NFS, WebDAV and FTP;
• The Disk Utility application and its CLI cousin diskutil which do as much as you would want and more with a disk utility. You can check, repair, partition, erase and format any disks. You can even obliterate data by writing over it eight times with random data. Take that, NSA!
• disk images, which are like 21st century tarballs. A disk image contains not only data but its own filesystem, and are mounted onto the user's filesystem just like disks. In addition, disk images can be encrypted to restrict access without a password.

Part III: Advanced Topics

The further along in the book, the less useful it gets. That speaks not the author's skill of exposition or choice of subject matter, but simply confidence in the Mac and the knowledge that I didn't need to know it. For the user administering a single machine, there's no real need to grok the inner workings of Open Directory: it just works. Printing, network services: it all just works. That's good news for Mac users. But it's also good that all this information is available if you really do want to tweak default behavior or configure something that isn't working as it should.

I talked about this book with the systems administrator in my department, and he mentioned that my statements in the previous paragraph are somewhat simplistic. According to him, it was a hard task to have public Mac workstations which mounted home directories from a central Unix computer, and allowed users to have their own preferences and user data (including Dock setups) live in their Unix accounts. Apparently the book that has all the information about networking, warts and all, hasn't been written yet. This book is as good as it gets, so far.

To summarize this part of the book: Open Directory has nothing to do with the filesystem directory. Instead, it's the central location of all authentication information. At one time Unix maintained user information in flat files such as /etc/passwd and /etc/group; with the advent of larger networks that regime has been largely replaced. Open Directory is a liaison between BSD's Pluggable Authentication Modules (PAMs) and Mac's Directory Services on the local end, and LDAP, Rendevous, Kerberos, etc., on the network end. Open Directory can talk to Active Directory as well, to allow authentication across Windows and Mac platforms. Through network (shared domain) authentication, users can log in on networked machines while their names and passwords are stored on a central server. The Directory Access Utility is the tool for this.

NetInfo is the database behind Open Directory. As usual, there are two ways to manage Netinfo information; the GUI NetInfo Manager, and nicl on the command line.

Mac OS X uses CUPS (Common Unix Printing Service) to configure and access printing. The printing chapter shows how to add and manage printers using the Printer Setup Utility, and how to customize jobs with the various settings in the standard print dialog. Like I said, though, printing is much easier than it sounds from this chapter. Rendezvous and Open Directory find the printers you're allowed to print on; you click Print and go.

Networking and network services are also covered here. The author shows not only the theory behind networking, but the settings which allow one computer on a network to find another on another network through the internet. Once this is accomplished, a number of services can be deployed, from FTP to remote login to a personal web site.

Appendices

There's some useful stuff in the back, including how to install Panther from scratch (but especially what needs to be backed up before you do so!), all those boot key combos you can never remember, and a whole list of other resources, be they books, magazines, web sites, or mailing lists.

Check out this book if you want to learn the gory details of Mac OS X's core. It's short on gimmicks but long on information.

You can purchase Running Mac OS X Panther from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

Adam Jenkins writes "I have had a fair bit of experience with malware, from removing DOS viruses to removing rootkits on Windows servers. Currently I am working in desktop support at a university -- exactly where many of the anti-malware battles occur." With that background, he provides a review of the reprinted Malware: Fighting Malicious Code, writing "As with many things computer-related, this book might age quickly, but it has lots of sound theory that will stay relevant for a long time, even if it doesn't discuss the latest worm by name. I haven't read the author's earlier book (Counter Hack: A Step-by-Step Guide to Computer Attacks and Effective Defenses) but he is well known as both the author of that and also for the SANS lectures he runs." Read on for the rest of Jenkins' review, or revisit Matt Linton's review. Malware: Fighting Malicious Code author Ed Skoudis with Lenny Zeltser pages 647 (paperback) publisher Prentice Hall PTR rating 9 reviewer Adam Jenkins ISBN 0131014056 summary very comprehensive guide to malware

The blurb on the back cover states that the book is "intended for system administrators, network personnel, security personnel, savvy home computer users, and anyone else interested in keeping their systems safe from attackers." It may seem a minor point, but that is a very broad range of people! However, the book is comprehensive enough to merit the claim. For example, the chapter on "malicious mobile code" (or "active content") includes tips on how to configure Internet Explorer's security settings (great for savvy home users), while the information presented on using group policies, Internet Explorer 6 Administration Kit and incorporating changes into Ghost SOE images would be more appropriate for system administrators. One can argue that system/network administrators already know all this, but let's face it; there are many who don't, or who need prompting. The book is particularly strong in explaining theory, like how different types of malware work, and it reminds me of a lot of university text books in layout. Each chapter has a Conclusions section, a summary and a list of references -- great for retention of knowledge, or to help if you are studying for an exam on the chapter. There is a reasonable amount of redundant information in the book; particularly in the "defence" section of each chapter, where file integrity checkers, bootable CDs with static binaries and the like are discussed.

"Malware" is a deliberately broad term, but it suits this book, which covers not just viruses, Trojan horses and worms, but also rootkits and BIOS microcode. The scope extends a bit beyond just fighting malicious code, Skoudis goes so far as analyzing how it works, how it has developed (from other malware) and speculated on the future of malicious code.

Malware is very readable, while still being technically accurate. It does not cover everything, but Skoudis has lots of great analogies, and quotes that range from such diverse sources as Stephen Hawking, Lord of the Rings, The Matrix, Wargames, Milli Vanilli and Styx. The book is written in a conversational and at times humourous style, and I am assuming a lot of the content has been presented in Skoudis's lectures.

Despite the practical approach of the book, the content is not exactly what you might expect. Skoudis's introduction says the book will focus on practicality: "we'll discuss time-tested, real-world actions you can take to secure your systems from attack." Why then in 700 pages is there barely a mention of how to configure a firewall? I think because there are so many applications covered, and because there is so much emphasis on all the fun and cute tools (like the sysinternals ones, and netcat) that some of the less exotic and useful ones suffer in omission.

The Introduction also says the book is operating-system agnostic. Both Windows and Linux are covered, true, but that's not a very broad slice: Solaris, HPUX, BSD, Tru64 and OS X barely get a mention. Even if the book is mostly aimed at home users, there are many using OS X, and in fact many using Mac OS, Windows 98 and even non-Intel platforms.

The illustrations are limited to diagrams, tables and screenshots, and while they are nothing fancy, most are quite clear and helpful.

There is no accompanying CD with the book, but there are so many tools covered in the text, chances are that many of would be quite out-of-date by now anyhow, so you are better off downloading them yourself. Skoudis has a web-site at counterhack.net/, and co-author Lenny Zeltser has one at zeltser.com/. The web sites are not limited to discussing this book, but are more about what Ed and Lenny have written lately, and the "Crack the Hacker Challenges" on Ed's site look fun. There's a list of references at the end of each chapter, and many sources refered to in the text (especially in the last 2 chapters), though I am surprised antivirus company web sites like f-secure, Sophos and CA weren't included; I have found the analyses there at least equal in accuracy and depth to those of McAfee, Trend and Symantec.

As far as bootable CDs for forensics and network security tasks, I'm surprised Trinux and Knoppix STD didn't score a mention, though normal Knoppix and FIRE are mentioned.

The chapter on malicious mobile code covers Java and ActiveX fairly evenly, but I think more emphasis on current threats is the way to go. (Particularly as there is so much FUD surrounding adware and how to remove it.)

One very general flaw with the book is that it tends to focus on the fancier stuff not just in its selection and description of security tooks, but in the actual malware discussed. The information on Code Red II and Bugbear.B is a noticeable exception to this, but many of the other viruses that are discussed -- like Kallisti, Tristate, PHP.Pirus, and Win2k.Stream -- are anything but common.

All that said, I haven't seen any other books that provide such great explanations of rootkits, malicious mobile code or adware, but also hint at things to come like Flash/Warhol worms and microcode malware. This book fills a void in that it covers current malware (with some historical perspective) with enough analogies, scenarios and "detective work" to hold the reader's interest. Hopefully readers will be inspired by the enthusiasm that Skoudis and Zeltser obviously have for fighting malware, and will use this book as a stepping stone to learn more and beat the malware that seems all too prevalent on today's Internet.

You can purchase Malware: Fighting Malicious Code from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

James Edward Gray II writes "Beginning Perl (Second Edition) is a well named text that starts exactly where it claims. It assumes no prior knowledge of Perl or of programming in general. If that describes your needs, this book is a fine place to start." Read on for the rest of Gray's review. Beginning Perl (Second Edition) author James Lee with Simon Cozens and Peter Wainwright pages 429 publisher Apress rating 7 reviewer James Edward Gray II ISBN 159059391X summary A Solid First Perl Tutorial.

Beginning Perl is a conversational-style tutorial that will guide you through your first steps into the Perl world and even a little beyond. The first two-thirds of the book cover the basics of programming with Perl including data types, flow control and IO.

The casual flow through here will help prevent fledgling programmers from suffering information overload. The authors handle the need to provide enough information, though, by revisiting topics repeatedly, going a little deeper each time. Unfortunately, this hurts the volume's use as a reference, as it's quite a challenge to go right to something. (Example: The built-in join() is covered in the chapter on "Regular Expressions," which is certainly not the first place I would look.) The index is decent and can guide you through these problems, if you remember to start there.

In keeping with the book's tone, side-trips and diversions are fairly common. Early on, these center around topics like "How to Think Like a Programmer" and "What Exactly is a Binary Number." I mention this because I know some readers appreciate this level of detail, while the interruptions annoy others. I found many of the discussions insightful, but it did occasionally get carried away with itself. (Example: There is a whole page on Perl's versioning scheme that goes so far as to discuss what a "patch pumpkin" is. Interesting or not, it seems out of place in here.)

One of Beginning Perl's real strengths is its constant encouragement of the programmer in training to experiment as a means of further learning. The text often suggests things to try and each chapter ends with a set of exercises. Answers to exercises are provided in an appendix. The only way to really learn programming is to program, so I was glad to see this push in the right direction.

The final third of the book digs a little deeper, examining references, object oriented programming, the CGI protocol and interfacing with an external database. Make no mistake, these are only introductions, but they are a nice addition to a beginner's book that will have you doing a little practical programming quickly. The "Introduction to CGI" and "Perl and DBI" (database interface) chapters really stood out here.

Two chapters were rocky enough to mention. "Regular Expressions" does not handle its content well, I'm afraid. You spend most of the chapter seeing if a pattern matched, but not what it matched. That's an important distinction for me. Learning regular expressions can be tricky and you need to see exactly what's going on. This issue is finally address near the end of the chapter, but it needed to come sooner. True beginners will likely need considerable experimentation of another book to really catch on to regular expressions.

"Object-Oriented Perl" was also problematic. Frankly the chapter bit off more than it could chew and doesn't really manage to teach much because of it. (Example: Inheritance isn't even addressed.) I think a better use of the chapter would have been to outline only the use of objects as a setup for later chapters, leaving the creation of objects to a volume that could spare the space to do the topic justice. Again, beginners will definitely need more material to be comfortable with object oriented programming.

To summarize, if you've wanted to learn Perl but haven't yet taken the plunge, you could do a lot worse than to start with this book. It's a casual tour of the basics with a few teasers for further study opportunities.

You can purchase Beginning Perl, 2nd Ed. from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

Robin "Roblimo" Miller is well-known in the open-source world for advocating cheap, user-friendly Linux computing and demonstrating that it's not only possible but available, right now. (He's also a writer and editor at NewsForge, and the editor in chief of OSTG, of which Slashdot is a part, and therefore one of my bosses; take that for what it's worth.) Roblimo's new book Point and Click Linux really consists of three things: the book itself, an included copy on CD of the Debian-based SimplyMepis Linux distribution, and a DVD featuring Roblimo's multi-part narrated video guide for getting started with Linux, Mepis and KDE. "Getting started" is key; this book is for the interested beginner, not the power user. Read on for the rest of my review. Point and Click Linux author Robin "Roblimo" Miller pages 270 publisher Prentice Hall rating 9 reviewer timothy ISBN 0131488724 summary Friendly, casual, hands-on approach to Linux; blasts users' fears that Linux is hard to use for everyday tasks. The Linux with which to point and click

SimplyMepis is a KDE-centric Live CD Linux which is also well suited for hard-drive installation. Before talking about Point and Click's text, Mepis itself deserves some description, because it's the basis for the examples in this example-laden book.

Not many years ago, books that came with a Linux distribution usually had the user prepare an initial pair of floppies, cross his fingers, and sacrifice at least a hard drive partition just to try it out by installing either from a CD or over the network. If the user wanted to keep an existing Windows partition, things were even more complicated, because there were no newbie-friendly non-destructive partition editors. Having bored (suffered) through that process, and seemingly tried every possible combination of boot+root floppy images before hitting the one that actually worked all my hardware enough to let the installation begin, I'm a big fan of Live CD Linux distros: this is progress.

Until sometime last winter, I would have suggested that any Linux book come with a copy of Knoppix, which is so astoundingly useful it's nearly impossible to overpraise. (I'm glad to see that several books are now coming bundled with it. Marcel Gagne's Kiss the Blue Screen of Death Goodbye and Knoppix Hacks both come with pressed versions of Knoppix.) Mepis, though, deserves the acclaim that's been heaped on it in the last several months, and makes a perfect choice to include with a book for Linux newcomers. And while a Live CD has obvious advantages, a user can follow the bulk of this book with any computer running KDE under Linux (or one of the BSDs, for that matter).

Mepis is at present my most-used distribution; I've used it recently to:

• Rescue data from a friends' grandmother's malware-hobbled Windows PC, on which the Windows goo was so thick that even booting up was at best a sometimes thing. (Switching her to Linux entirely is the next project.)
• Install Mepis's version of Debian on several of my computers; in fact, Live CDs like Mepis and Knoppix are the only way I've installed Linux for the past year.
• Show some kids TuxKart. (One of them beat my all-time high on his first attempt. Beginner's luck.)

Compared to Knoppix and most other live CDs, Mepis has what I consider a slightly friendlier feel; in particular, it gathers several of the more annoying and potentially intimidating sysadmin tasks into two groups, each with an icon on the desktop: the "System Center," for tweaking display, network and mouse parameters; and "User utilities," which for now contains only a "Clean User Space" program to clear one's browser history and cache, as well as purge the current bash history and recent documents. (Most people, at birth, don't even know what "sysadmin" means; having desktop icons to common admin tasks is considerate of new users.)

Though it will work on a wide range of x86 machines, like any Live CD (and any OS, really) Mepis benefits from running on a fast system with lots of RAM. 128MB of free RAM is what I'd call a realistic minimum; my system is perfectly run-of-the-mill by current new-PC standards (Sempron 2800+ processor, 512MB of RAM), and far more than necessary.

Get clicking

Point and Click Linux is aimed squarely at those new -- including perfectly new -- to using Linux at all, and it would make a fine non-intimidating manual for someone sitting down at his first computer.

To that end, Roblimo does not assume that the reader will be installing Mepis onto his hard drive; the whole point of the book is that all the point-and-click magic can be tried on a typical Windows PC with nothing more than a reboot. That said, current hard drives are much faster than current optical drives, and a system installed to a hard disk makes saving files a simpler process. I had brand-new system bought from a local megastore which was all set for a Free operating system, and decided to put this version of Mepis onto it. I used this book as my guide to the system, as I suspect a new user would -- as an actual step-by-step guide, not a random-access source of knowledge. So I installed the system and then tried the examples throughout.

The first four chapters make up a section called "Getting Started." Chapters here stray toward the short and snappy rather than comprehensive; all four of these might be condensed into a single chapter in a book meant for technophiles. Getting Started details some of Linux's advantages (lack of spyware, quick bug fixes, low price), booting Mepis from the CD-ROM drive (or installing it to hard disk) and working with KDE. The level is perfect for a literate but ignorant user: Roblimo explains in simple terms how to log in to the system (user "demo," password "demo" for the live CD), moving about on the KDE desktop, and using the KDE panel and K menu. He sneaks in one application in this section, too (KWrite), not so much as an application in itself, but because it demonstrates how other well-behaved KDE programs should act when it comes to opening and saving files, navigating the directory structure, etc.

An early snag: Chapter 4's instructions on reformatting a hard drive to let Windows and Linux both exist happily on the same PC didn't work for me. I was installing onto a brand new hard drive, and I thought I'd give dual-booting a shot to see what Windows was like nowadays, and so followed the instructions on setting up a machine to dual-boot. The disk-partitioning and formatting program QTParted (as user friendly as anything I've seen in that category on any platform) recognized the Windows partition that came with the machine, and let me shrink it to make room for installing Linux. But after divvying up the hard drive space and actually copying Mepis onto the drive, the machine would happily start Linux, but never actually booted Windows -- only generated an error message that it couldn't. I repeated the whole process, with the same result. It could be a quirk of my hardware (or more likely, pilot error, since I don't see similar complaints in the Mepis forums), but I never did get it to boot into Windows.

For many users, though, a functioning Windows install is probably a non-negotiable requirement. If any readers run into the same problem I did, and can't just shrug and toss Windows completely, my happy-overkill advice would be to invest in a second hard drive and skip all the hassles of dual- or multi-booting. (Storage is cheap, and it's hard to have too much of it.) If your drives are big enough, it also means you can back up the important data from each one onto the other, which is a nice bonus. Since Windows is to me only a curiosity, I decided not to pursue the partitioning problem -- I did the install one more time, this time choosing to use the entire hard disk.

That hitch aside, the book is straightforward, practical and accurate. It's also limited to a small subset of tasks and activities, which is perfectly reasonable given the intended audience.

Section II, "Linux Applications" is the book's largest, mostly because here too chapters are divided by application, rather than throwing several apps into a small number of longer chapters. It's also the most important, in my view, because the point of using Linux -- for most people, at least -- is not to simply appreciate its aesthetics, but to get things done. ("Getting things done" includes playing games!)

The applications covered start with Kppp (also given its own video segment on the DVD) -- a handy choice, because while Mepis will automatically detect and set up a DHCP broadband connection, readers who don't have broadband set up will benefit from many of the other apps (email, web-browsing, IM) only if they have a working Internet connection. Since I'm using a DSL connection, I didn't need to follow the advice here, but as a long-time Kppp user, I can vouch for the accuracy of its instructions. Yes, readers will need a Linux-friendly ISP and a phone line; the book as well as the video address this reality.

With Internet connection in place, the section proceeds apace, introducing Mozilla across not one but four separate chapters. (An introductory chapter to the Mozilla suite, followed by one apiece on Mozilla as a browser, email client, and web-page editor.) Firefox and Thunderbird are given a quick mention, but for the purposes of this book, Mozilla it is. I've recently moved almost completely to Firefox as a web browser, and I wish that Firefox had been emphasized instead, but the same principles apply at any rate. Windows users unused to browsers besides IE are likely to be pleased with the lucid instructions on blocking pop-up ads.

Chapters 10 through 15 also introduce a software suite in several easy chunks, this time the OpenOffice.org applications. While 5 chapters in 30-some pages is clearly not enough to make anyone an expert, it is plenty to establish the basic operations it takes to create and manipulate documents containing text, numbers and graphics in OO.o. The short (one-page!) Chapter 15 succinctly addresses working with Microsoft Word: "But don't expect 100% compatibility with MS Office. You won't get it. Instead, expect to get enough compatibility for everyday work, with some of the 'frills' left out."

The other chapters introduce some of the other Linux standbys included with Mepis: the multi-IM wonder Kopete (my current favorite AIM client), The GIMP, Frozen Bubble (fair warning is given about its addictive nature) and more. Especially worthy of note is the finance application called CheckBook Tracker, which is simpler than GNUcash but allows for low-key tracking and balancing of passbook accounts, and is a good start for putting money management on a computer. I'd never heard of it before reading this book, and I'm impressed.

A third section, "Beyond the Basics," is still pretty basic by Linux-world standards, but provides some appetite-whetting for new users, with instructions on the rudiments of installing new software using Kpackage, changing the look of one's desktop, cooperating with Windows (using Samba, Win4Lin and CrossOver Office), and customizing the included firewall application. Worms and the viruses aren't the problem under Linux that they are for Windows users, but they certainly could become more of a problem, and it's good to have some information on limiting outside access to one's PC.

While Kpackage is a perfectly competent package, I hope that the next version of Mepis will include by default the even-friendlier Synaptic as well as Kpackage. This section is one where I wish the short chapters had been at least a bit longer, because much of the coolest software for Linux is out there waiting to be grabbed. Maybe that's for the next set of readers up the totem pole, though.

However, a nice chapter (written by Joe Barr) at least gives some of the command-line rudiments that readers will need to get beyond pointing and clicking, which even in a book about getting along with the GUI is useful information.

A few appendices round out the book; one gives additional information on Mepis, and the other two list currently popular distributions and books, for readers who want to take the next steps toward Linux proficiency.

The small screen

The included video -- 13 short videos, actually -- are fun, and a nice touch. They illustrate in what will for experienced users be excruciating detail the same things the book talks about. When Roblimo says "put it in your computer's CD drive," you see his hand putting the disc into his computer's CD drive. When he says to move the mouse to a certain point, you see his pointer (helpfully highlighted with a translucent yellow circle) move to the appropriate spot.

For new users especially, I think it's much easier to follow something being done on screen than it is to interpret written instructions. The production on the DVD is what you might expect from the guy who for years ran a site called cheapcomputing.com; strictly functional and a bit rough around the edges, with adequate but lo-fi sound and picture, including Roblimo's web-cam captured face as he talks the user through each step. Having a human face on screen blunts the strangeness of watching someone else's disembodied pointer move around the screen pointing and clicking away, which is the case with some video-training material.

(One wrinkle: unless you have both a CD ROM drive and a DVD drive in your PC, you won't be watching the videos and running Mepis as a live CD at the same time. Mepis will be occupying at least one optical drive until you decide to exit it completely.)

You can probably tell already whether Point and Click Linux is suited for you, and the answer is likely No. Just the same, I discovered a few things about Linux and KDE that I'd never tried before reading the book, and know at least a dozen people I think would benefit from a copy.

You can purchase Point and Click Linux from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

Craig Maloney writes "I'm skeptical whenever a publisher uses the words 'Definitive,' or 'Complete,' or (especially) 'Ultimate' in the title of a computer book. Sadly, the typical book so labeled is a jumble of incomplete ideas crammed together with very little depth. Worse, some books do little more than re-print the various command-line switches for the application. Michael Kofler's The Definitive Guide to MySQL (2nd ed.) is just the opposite. There're still lots of ideas crammed inside of the book, but they're carefully explained and expanded. The book weighs in at a hefty 802 pages, with very little fluff. " Read on for the rest of Maloney's review. The Definitive Guide to MySQL author Michael Kofler pages 802 publisher Apress rating 10/10 reviewer Craig Maloney ISBN 1590591445 summary A useful and complete reference to using and programming with MySQL

The book has four sections: Introduction, Fundamentals, Programming and Reference. The Introduction begins with a brief introduction to databases, relational databases, ANSI 92, and how MySQL fits in to each of these. It also touches on the licensing for MySQL (commercial vs. non-commercial usage) and a version roadmap for past and future releases of MySQL. The roadmap is very helpful to know what features are present in the version of MySQL you may be using (or are planned for an upcoming release).

Next, Kofler sets up a rudimentary testing environment which is used through the rest of the book. He does an excellent job of outlining a decent development environment under both Unix and Linux without getting too bogged down in trying to describe every single user interface for accessing MySQL (those are described later in the book). It steps through setting up MySQL, Apache, Perl (with DBD and DBI), and PHP, and also adds phpMyAdmin as a graphical tool to administer the databases. The unit ends with a simple PHP script to handle an opinion poll. This all happens in the first 80 pages of the book.

Fundamentals

The next section expands on the basics learned in the first chapter. First is a chapter on the user interfaces available for using MySQL, starting with the MySQL command-line client, followed by an introduction to several graphical clients (including phpMyAdmin and MySQLCC). Database design is covered in the next chapter, starting with a brief overview of the theory in designing a relational database. First, second and third normal forms are introduced with examples, as are relations (1:1, 1-n, and n-n), data types, and indexes. Once the reader is armed with the theory, the book continues with how to create the tables in SQL, and covers using SQL to examine and manipulate data in "Introduction to SQL." "SQL Recipes" contains lots of useful scripts for handling interesting cases of SQL (like selecting data at random, pivot tables, creating a new table by copying, etc). A special section is devoted to the new InnoDB format, which brings transactions and integrity rules (foreign key constraints) to MySQL. "Security and Administration" complete the Fundamentals unit with topics on user-level security, backing up the data, and replication between two MySQL instances.

Programming

Unlike most books, the programming languages introduced in The Definitive Guide to MySQL aren't introduced with examples as though you have never programmed a computer before. (So beware, if you haven't; this is probably not the right book for you.) The examples start with useful code that assumes familiarity with the language. The examples are excellent, demonstrating how to efficiently get your code connecting to the database. The author covers PHP, Perl, Java, C and C++, and Visual Basic, C# and ODBC. PHP is the real star of the book, though, garnering a second chapter to expand on the earlier examples presented in the book, but the other languages (and ODBC) are given excellent treatment. Fans of these languages will be able to get their programs running with MySQL using the examples from the book.

Reference

The last 100 pages (not including the appendix, glossary and index) contain several references for MySQL. "The SQL Reference" covers the SQL commands that MySQL understands (along with what versions they are valid for), as well as system and session variables and data types. Coverage of the utilities that MySQL uses is in the "MySQL Tools" section. Lastly, the API reference rounds off the book with the functions and variables for each language in an easy-to-use reference. Whew!

Programmers will find excellent examples for linking their programs with MySQL, and developers will find the reference and examples extremely useful for taking their data from creation to deployment. I found this book easy to read and exceptionally useful. The author did the hard work of taking the documentation and sifting through it to bring the useful parts together clearly and concisely. Definitive indeed.

You can purchase The Definitive Guide to MySQL from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

r3lody (Raymond Lodato) writes "Like most people, I've only scratched the surface (well, maybe I gouged it a bit) of the capabilities of the Microsoft Office products. There are more features buried in them than most users ever discover. I use Microsoft Excel frequently in my job to analyze all sorts of data. When they came out with Pivot Tables, I dabbled in them and found several uses for them. However, documentation being what it is, I never really got to understand and utilize Pivot Tables' full capabilities. Now, Apress has published A Complete Guide to Pivot Tables: A Visual Approach, by Paul Cornell." Read on for the rest of Lodato's review. A Complete Guide to Pivot Tables: A Visual Approach author Paul Cornell pages 368 publisher Apress rating 10/10 reviewer Raymond Lodato (rlodato AT yahoo DOT com) ISBN 1590594320 summary A well-researched step-by-step tutorial on the use and programming of Microsoft Excel PivotTables for data analysis.

If you have any need to analyze data in Excel, you must read this book. I learned so much more about PivotTables after I read it that they are now actually useful, rather than just being something I would occasionally try out. Every chapter is packed with excellent information in an easy-to-follow format. A beginning to intermediate user can understand most of the book; only the chapter on programming PivotTables requires intermediate to advanced knowledge to fully comprehend.

Cornell takes a tutorial approach to explaining what PivotTables are, what they are capable of doing, and how you can apply them to your needs. Each chapter in the Complete Guide gives you an overview of a single topic, a series of step-by-step examples, a Try-It section for more practice, and a summary of next steps. The book was written for Excel 2003, but most of the techniques can be applied to Excel 2002 and even Excel 2000.

When you read this book, I would recommend that you sit at your computer to try these techniques as you read them. I tried to just read the book at first, but you really get itchy to try each feature out. Take it in sequence, as there is a definite building from one chapter to the next.

Chapter 1 gives you an overview of the PivotTable feature, what it's meant to do, and why you would use it. Chapter 2 starts the in-depth training of building basic PivotTables from Excel Lists, external data sources, other PivotTables, etc. It also includes tips on formatting the information and tweaking the fields and table to your liking. Chapter 3 goes even deeper, with information on advanced settings, filters, calculated fields, and other little gems that make analysis easier. These three chapters complete your basic training and lead to chapter 4, "Using PivotTables in the Real World." Paul proceeds to give not just one, but three examples of how PivotTables could be used to provide insight into company operations.

While everything I'd known about PivotTables before picking up this book was covered in the first three chapters, the last three chapters explain additional capabilities that really make Excel valuable for data analysis. Chapter 5 explains PivotCharts, which are simply a graphical representation of the information shown in a PivotTable. Paul goes into detail on the different chart types and how they interact with the underlying PivotTable.

If you need to distill and analyze multidimensional, relational data, PivotTables are up to the task, as chapter 6 will demonstrate. The book describes how you use cube files, OLAP databases, and Microsoft Query to get the data and manipulate it. If you're a really capable programmer, comfortable with VBA, chapter 7 shows you how to work with PivotTable programmatically. There is program after program showing you exactly how to get at the data, massage it, and create the resulting PivotTable.

Finally, there is one appendix that describes the differences between Excel 2000, Excel 2002, and Excel 2003. I was originally reviewing this book while using a computer with Excel 2000. I was delighted to find out that most of the information in the book works exactly as Paul described (although the screen shots didn't match). I did recheck some of the examples on my other machine running Excel 2002, and had no problems at all.

Granted, this book is specifically written for Microsoft Excel. However, OpenOffice, the free competitor from Sun MicroSystems, mimics most of the Microsoft Office suite. How does it compare, you ask? Well, OpenOffice has a similar facility to PivotTables, called DataPilot; however, DataPilot is primitive in comparison. For example, you must select the data to summarize, choose (from the menu bar) Data --> DataPilot --> Start, then drag the fields to the appropriate place in the diagram and click OK. Like Excel, you can freely move the fields between row, column, and data areas, and change the data operation from Sum to Min, Max, or a number of others. Unlike Excel, there isn't much more you can do. You don't have Page fields; you can't sort fields on their data; PivotCharts aren't represented; and there's no programming. If you only want to do simple data analysis in OpenOffice, you can get the basics from chapters 1 and 2 of this book.

You can purchase A Complete Guide to PivotTables: A Visual Approach from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Daniel Shefer writes "Joel on Software is a collection of essays from the Joel Spolsky's Joel on Software web log. Spolsky is also the author of User Interface Design for Programmers (previously reviewed on Slashdot) and is the principal of Fog Creek Software. In this book, Spolsky distills his technical knowledge, wit, and years of experience into an engaging collection of essays on programmers, programming and the software world. Spolsky covers everything from the technical aspects of writing code to software project management, and even offers insights into software marketing." Read on for the rest of Shefer's review. Joel On Software author Joel Spolsky pages 362 publisher Apress rating 9.5 reviewer Daniel Shefer ISBN 1590593898 summary Great insights into programming, software in general and how to do it right.

The essays in this book are even-handed. While he focuses on Windows, Spolsky is not a fanatic believer in one approach over another; if C# works better than Visual Basic for a specific task, so be it. His approach is refreshing when so much is written by opinionated members of the "Microsoft is the source of all evil" camp.

Spolsky starts with down-to-earth topics, such as how to estimate the length of time programming tasks will require, and the ratio of QA people to developers needed for a healthy product. He then moves on to share his thoughts on managing developers and higher-level software-related issues.

One of the book's opening salvos, "the Joel Test for Better Code," is a simple "irresponsible" test that Spolsky created to provide insight into how well a development organization is functioning. The test looks for things like using source-code control, and having testers create daily builds with a single click of a button. As someone who has worked companies that would have failed the "Joel Test" miserably, I can attest to the importance of these criteria.

The chapter on Unicode is a short and to-the-point overview on the topic and should be required reading for any software developer and product manager who wants an introduction to Unicode.

Clean and bug-free code is a common thread in several essays in the first part of the book. Spolsky explains the inappropriateness of developers performing QA and stresses the need to "eat your own dog food." Having developers conduct testing is a waste of resources and upsets them just the same; forcing developers to use their own product will motivate them to create a better one.

In "Fire and Motion," Spolsky takes issue with the "architect astronauts" who generate vague technology announcements that are often counterproductive by creating fear, uncertainty and doubt. While these announcements may drive competitors to waste cycles in converting their code base to the latest technology, they offer no real substance. Misguided companies, mesmerized by the promise of new technologies or by demands from numskull customers, can sap years of developer time when product improvement should have taken precedence.

In "Biculturalism," Spolsky dispassionately discusses the differences in world view between Windows and UNIX programmers. Spolsky probably rankled some UNIX fans, but I share his perspective. Spolsky points out that UNIX developers are just as smart as Windows developers, but when it comes to understanding their end users and having empathy for customers, they tend to fall short.

The "Gorilla Guide to Interviewing" is relevant to all hiring managers. Spolsky describes some of the traits of his ideal hires. Those who, in one sentence, are both smart and "get things done." Spolsky believes in hiring people that can perform multiple roles. Spolsky believes in making a "sharp" decision about the candidate, and finds insulting that a hiring manager would not find the interviewee good enough for his own team but would refer him to another team. Spolsky shares one of his hiring secrets: never hire a "maybe." This might seem obvious, but he details why it's better to reject a good candidate than to hire a bad one. Firing can cost a lot of money, time and effort. Additionally, Spolsky suggests questions to ask during an interview and the necessary "what not to ask."

The "Iceberg Secret Revealed" discusses the manner in which customers express their pain, and points out that customers often don't really know what they want. It is the product manager's job to find a solution that will solve their customer's pain while keeping an eye on the market she is addressing. Just listening to customers without proper filters, is as Spolsky points out, a recipe for disaster. And the Iceberg Secret? Spolsky illustrates in five different ways how customers and stakeholders only look at the tip of the iceberg, and not at the substance beneath it.

In one of the shorter chapters, a missive on measurement, Spolsky addresses the prickly issue of measuring performance in companies. In addition to his own insights on measuring performance, he recommends Measuring and Managing Performance in Organizations by Robert Austin. I will add that to my reading list.

Spolsky wrote an introduction to In Search of Stupidity . He offers there the "geek's" perspective on what it takes to make a successful software company, taking as a starting point the ten largest software companies in 1984 and the equivalent list of 2001. His conclusion is that "no software company can succeed unless a programmer is at the helm." With his usual even handedness, he is quick to point out some of the debacles programmers are responsible for. In the example he gives, Netscape's disastrous rewriting of their code base and almost complete loss of market share while they were doing it. His bottom line? To succeed, a company needs a management team that love and thoroughly understand programming and understand and love business. Not as easy as it sounds.

In his five "Strategy Letters," Spolsky writes about issues that are relevant to anyone making strategic business decisions in the software industry. He starts with company growth modes by comparing Ben & Jerry's to Amazon. He then discusses the classic "Chicken and the Egg" problem when building new platforms. His example is still relevant -- few will develop .NET-based clients until a large number of end users have the .NET engine installed on their PCs and end users will not install it until there are enough applications that require it. Spolsky moves on to discuss backward compatibility, open source economics and the myth of bloatware.

Spolsky points out that despite the growing size of applications, the cost of disk space has plummeted even faster. This may be true, but Spolsky does not address the programs' resulting sluggishness despite more and more processing power. Spolsky wraps up the essay by dismissing the notion of coming out with a "lite" version for a given software product. I agree that lite versions do not always satisfy everyone, but they can be a great way to keep out low-end competitors from entering the market in addition to a way to introduce customers to the high-end product.

The chapter about Microsoft losing the API war is a classic. Spolsky starts with the seemingly outlandish assertion that Microsoft lost the API war. After apologizing for his "grandiloquence and pomposity," he goes on to build a convincing case that if Microsoft has in fact not lost the war, they are definitely in danger of doing so. He starts with the diminishing interest in the Windows API as a development platform. He then describes how two camps inside Microsoft (the "Raymond Chen" and the "MSDN Magazine" groups) are influencing Microsoft's approach to their developers' tools. The former group emphasizes creating a backward-compatible operating system, free of bugs and impervious to third-party applications' errors that can harm it. On the other hand is the MSDN group, promoting the latest and greatest Microsoft has to offer. As Spolsky sees it, the latter group has the upper hand, and because of this, Microsoft is losing their developer base to simpler, more easily deployed platforms.

In part 4 of the book, Spolsky takes on Microsoft's .NET strategy. He describes Microsoft's tendency to create FUD in the marketplace with vague, hollow statements, and details his own company's reasons for not adopting .NET anytime soon. Spolsky wraps up with a very straightforward feature request: a linker for .NET. This would seem to be an obvious feature, but Microsoft so far doesn't agree. Microsoft is acting as though they want to win the development platform war in a single sweep. At the same time, independent software vendors (ISVs) are resisting, because they have to guarantee backward compatibility and support for everything their customers run.

My only complaint about the book is that it's too short. On my bookshelf, it resides next to the Mythical Man Month, another favorite.

Spolsky is knowledgeable, funny and free of unnecessary religious fervor. Joel on Software is a must-read for developers, product managers and those who want more insight into the world of developing software.

Daniel Shefer is a Software Product Management professional and has written numerous articles on this topic. You can purchase Joel on Software from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

norburym writes "The publishers' blurb on the back cover describes Knoppix as 'a veritable Swiss Army knife in CD form.' Knoppix Hacks by Kyle Rankin is no less astounding in revealing the hidden versatility and power inherent in this unassuming tool." Read on for the rest of Norbury-Glaser's review. Knoppix Hacks: 100 Industrial-Strength Tips and Tools (with CD) author Kyle Rankin pages 336 publisher O'Reilly rating 10 reviewer Mary Norbury-Glaser ISBN 0596007876 summary Knoppix Hacks

Most Linux users will recognize Knoppix even if they've never given it a whirl, but this book goes beyond the simple "how to create and boot from a Knoppix Linux Live CD." Rankin displays the raw power that lies beneath the surface of simply running a clean distro of GNU/Linux free from fear of installation issues. Proper Knoppix books are lacking in the wild, with mere chapters in general Linux volumes mostly dedicated to larger issues for both the novice and the intermediate user. One or two Knoppix books are out there (and one by Samuel Hart, Knoppix Komplete, is in press) but what sets Knoppix Hacks apart is not that it is one of the few available on the subject, but rather Rankin's skill in exposing the underutilized potential in the Knoppix tool set.

This book begins with a forward by Klaus Knopper, creator of Knoppix. It's always entertaining and enlightening to read a first-hand account of some clever soul's chance involvement with an "experiment" that turned out wildly successful and this is no exception. The "Knoppix Story" is engaging and leaves the reader with a sense of awe at the ingenuity of this dedicated and resourceful individual.

Rankin has collected a "who's who" of Linux hackers to contribute to this book: John Andrews, creator of Damn Small Linux; Fabian Franz, creator of FreeNX server; Alex de Landgraaf, creator of Morphix; Simon Peter, developer of klik; Wim Vandersmissen, creator of ClusterKnoppix and many others no less accomplished, all of whom have contributed to the future of free software/open source development.

As is expected with the O'Reilly Hacks series of books, the chapters are structured with clean typographical conventions identifying URLs, directory/folder/file names, code examples and excerpts, sample text delineation and cross-references. Tips and warnings are clearly identified with pushpin and screw graphics, respectively, and indented. There are a helpful number of tips without getting too overwhelming or annoying by breaking the flow of the text. The thermometer icons next to each hack indicate the level of expertise required: beginner, intermediate and expert. Screenshots are placed where needed but again, the reader isn't left distracted by unnecessary filler.

The nine chapters cover hacks ranging from beginner to expert: "Boot Knoppix," "Use your Knoppix Desktop," "Tweak Your Desktop," "Install Linux with Knoppix," "Put Knoppix in Your Toolbox," "Repair Linux," "Rescue Windows," "Knoppix Reloaded" and "Knoppix Remastered." The book includes a CD with v.3.4 of Knoppix (3.6 having just been released; the author wisely chooses to stay with the tried, true and debugged version).

The first two chapters are pitched to beginners, with Chapter 1, "Boot Knoppix," leaping directly into downloading Knoppix and creating a bootable CD. It then covers "cheat codes" - options passed at the boot: prompt to work around hardware detection and support failures. Tweaking X settings, desktop and laptop scenarios, language settings and optimizing the Knoppix CD are also included here. Chapter 2 introduces details of the KDE desktop and encourages the reader to become familiar with the Knoppix desktop, the applications included and connecting to the Internet (even via GPRS over Bluetooth!).

Chapter 3 concentrates on saving settings and documents, using Knoppix as a kiosk or terminal server to boot multiple computers over a network from the same Knoppix CD, and how to use the live installer feature to add extra packages directly to ramdisk.

Chapter 4 covers the inevitable situation when you will find yourself using Knoppix so often that you decide to install it onto your hard drive. Rankin includes single and dual boot system installs.

Chapter 5, "Put Knoppix in Your Toolbox," is where admins should head. The full list of 15 indispensable hacks in this chapter include running remote desktops via rdesktop or xvncviewer, running X remotely with FreeNX, browse Windows shares, create an emergency router, emergency file or web server, wardriving with Knoppix (including how to capture GPS coordinates along with data), audit network security, check for root kits, collect forensics data, clone hard drives, wipe hard drives, test hardware compatibility, and copy settings to other distributions.

"Repair Linux" (Chapter 6) is for those of us who spend a lot of time "breaking" things in the course of experimenting and need to recover the system. Rankin shows hacks for repairing both lilo and grub, how to: back up and restore the MBR, find lost partitions, resize linux partitions, repair damaged file systems, recover deleted files, rescue files from damaged hard drives, backup and restore, migrate to a new hard drive, create Linux software RAID, reset Linux passwords, repair Debian and RPM packages, and copy a working kernel. We will always break something along the way and these hacks help minimize the frustration.

Chapter 7, "Rescue Windows"...well, need I say more? Put these hacks into practice and you'll probably be using them every day. Use Knoppix to: fix the Windows boot selector, backup files and settings, write to NTFS, resize Windows partitions, reset lost NT passwords, edit the Windows registry, restore corrupted system files, scan for viruses and download Windows patches securely. A must for any systems administrators with Windows machines lurking everywhere.

Knoppix Reloaded, in Chapter 8, takes on Knoppix variants Morphix, Gnoppix, Mediainlinux, Freeduc, Damn, Small Linux, INSERT, L.A.S. Linux, Knoppix-STD, distccKnoppix, ClusterKnoppix, Quantian, GIS Knoppix and KnoppMyth. There is also a well-deserved pitch at the conclusion of this chapter to become a Knoppix developer and contribute to the ongoing work.

The final chapter includes seven hacks that help the reader create their own customized Knoppix CD. Knoppix Remastered walks the reader through the steps of customizing and personalizing a live CD.

This is one of the liveliest technical books I've read in a long time. A few of the easier hacks can be found on Knoppix.net or elsewhere but I think Rankin has managed to put the majority of Knoppix related material in one book that could be subtitled the "First Knoppix Manual." The admin hacks, in particular, will add a whole new arsenal of Knoppix wonders to an admin's repertoire. Kudos to O'Reilly for publishing such an outstanding volume, to Rankin for compiling some damn useful material, and to MacGyver for inspiring many of us to look for simple solutions to seemingly insurmountable problems.

You can purchase Knoppix Hacks from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

James Edward Gray II writes "Apress sent me a copy of Holub on Patterns for review, and for that I'm extremely grateful, because this is a gem of a book I would not have liked to miss. Odds are, most object-oriented programmers will feel the same, so allow me to share the highlights." Read on for the rest of Gray's review. Holub on Patterns: Learning Design Patterns by Looking at Code author Allen Holub pages 414 publisher Apress rating 9 reviewer James Edward Gray II ISBN 159059388X summary Design Patterns taught through Real World Programs.

If I can level any complaint against this book, it's probably that the title doesn't properly convey the goodness locked within. Holub on Patterns is short for Allen Holub on Design Patterns. Allen Holub is a long time expert on Design and Design Patterns, so he's the man you want to learn it from. Still, if I could name this book, it would be Object Oriented Design Voodoo. (Note: This is probably why I don't work for Apress or any other publisher.)

The book's subtitle is "Learning Design Patterns by Looking at Code." That probably conveys the work's focus a little better and it also gives away one of the book's best features: sensational examples. (These examples are in Java, another area where Holub is a well-known authority, but the concepts taught apply to Object Oriented Programming in any language.)

Titles aside, this book really is the best work I've read on design patterns. If you don't already know, design patterns are the recurring patterns of object-oriented software implementations. Luckily, you don't have to know anything about them to read this book. The author covers many patterns in rich detail from the beginning. Even if you do know your design patterns well, I'll wager Holub still has a trick or two to impress you with.

Holub discusses patterns in their ideal pure form, but much more importantly he shows them as they occur "in the wild," with multiple variations. He covers the downside of each pattern, weights the trade-offs of using them, and even gives a handful of cases where he felt they were impractical. He does all this right in the middle of complex real-world examples so you can see each point he's making. That's actual programming, folks. The good, the bad and the choices we programmers make are well presented, and that's rare in a programming text.

The book opens with two chapters that more or less cover why we need design patterns at all. Did you know getters/setters are bad? Did you know that subclassing is dangerous? If you said No to either question, you need this book and these two chapters in particular will get you up to speed on good OO practices. This section of the book is mostly theory, light on examples.

The next two chapters (covering over 250 pages) make up the heart of the book. Holub examines two examples in exhaustive detail. The first is his implementation of The Game of Life. You've probably implemented that on your TI calculator, but Holub sure didn't. He admits that his implementation is "Toy Code," but it's a robust example that involves eleven design patterns. The second example is production code, a mini database complete with SQL interpreter. This code is also swimming in pattern usage, and Holub gives you the guided tour.

I've already said these examples are great, but that claim begs some elaboration. First, we're talking about hundreds of lines of code in many of these listings. These aren't the usual contrived junk. What's more, one class may be participating in multiple patterns. Making any sense of these examples would be almost impossible if the author wasn't flawless in explaining the key points and always dropping hints about what you need to notice. This isn't light reading. It's work, but the rewards are there and it'll pay off if you really spend the effort to understand how the code works.

Finally, the book closes with an appendix that gives more typical recipe-card style listings of all the design patterns discussed throughout the text. This is a nice reference after you've finished the tricky stuff. If you're new to design patterns, you might start here, before the book throws you into the lion's den with its massive examples.

Just in case I haven't sold you on this title yet, I better mention the gorgeous hard back binding. Brilliant and sexy. How can you beat that?

Holub on Patterns is a very approachable way to learn a lot about design patterns. If you already know how much patterns can improve your object-oriented programming, you'll really enjoy Holub's presentation of the topic. If you don't yet grasp Design Patterns or haven't enjoyed other works on the subject, you'll just have to trust me: You want this book.

You can purchase Holub on Patterns: Learning Design Patterns by Looking at Code from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Petri Aerikkala writes "Don't judge a book by its cover, but by what it covers. How Tomcat Works has a very ordinary cover, but I cannot overemphasize how useful its contents are. This book does what the title says, plus much more. It is useful for not only those using Tomcat or those working with servlets/JSP/J2EE, but also for all Java developers in general." Read on for the rest of Aerikkala's review. How Tomcat Works author Budi Kurniawan and Paul Deck pages 458 publisher BrainySoftware rating 8 reviewer Petri ISBN 097521280X summary Explains how Tomcat works and how to build a servlet container of your own

First of all, this is the only book I know of that explains how the complete system works. You can find good documentation on how to use this most popular servlet container on the Tomcat project's Web site, but little is said about how it works. If you want to join this open source project, good luck. You should consider yourself lucky (or very brilliant) if you can understand how the system works in less than 3 months by browsing through its millions of lines of code.

However, why I find this book appealing is because of the approach the authors take in analyzing it: build Tomcat from scratch, line of code by line of code, module by module. Miraculously, in doing so they never fail to make sure their readers can follow the technical discussions. In their hands, Tomcat looks easy that even beginners of Java can understand. There are many complex technologies used in Tomcat, and they are all explained well.

The book starts off by building a dummy Web server that can do no more than sending a static HTML page. The web server is simple and consists of only three classes. The backbone of this application is the java.net.Socket class, and the authors take their time explaining this class at the beginning of the chapter. Basically, this is how the application in this chapter works: for each HTTP request, open a socket connection to the client, read the content of the static file, and send the file to the browser. As simple as that.

Chapter 2 builds on the application in Chapter 1. In this chapter, the web server gets some intelligence. It is now able to invoke a basic servlet by calling the servlet's service method. However, more complex servlets are beyond this simple servlet container, mainly because the container passes a null ServletRequest and a null ServletResponse objects to the service method. Before the authors start coding, they explain the javax.servlet package in general so that those new to servlet programming can understand this chapter.

Chapter 3 explains how to create ServletRequest and ServletResponse objects so that the servlet container in Chapter 2 can do more. The excitement comes in Chapter 4 when the authors explain how to pool ServletRequest and ServletResponse objects to beef up performance. This topic is not only relevant to Tomcat, but also Java programming in general. Object instantiation is expensive, and one way to avoid it is by reusing objects. However, you must be careful when your application will be used by many clients, as you must then think about thread safety. Chapter 4 elegantly explains how Tomcat developers solve this problem, as well as teach you a general solution for object pooling. Interestingly, a servlet is always represented by a single instance, and the same instance services all incoming requests.

The authors are also patient in explaining everything step by step, until the last chapters where they tackle more difficult problems such as Digester, JMX, class loaders and session management.

Not only will you be good at configuring Tomcat after you are finished reading this, you will also be able to tell straight away what's going on whenever your Tomcat installation throws up some error message. In addition, if you are really serious about Tomcat, you can start thinking of writing your own modules or extending the existing ones. For example, as the authors have demonstrated, you can extend Tomcat's application loader to automatically reload a Struts application when the struts-config.xml is modified, making the application development process quicker.

This book is also great in answering many questions that seasoned servlet/JSP programmers might have long been pondering. For example, this book discusses the difference between an OutputStream and a PrintWriter, and why you can only use one of them rather than both. It also tells you why you cannot write to the request parameters or headers.

Now, as much as I liked it, this book is not perfect. The first noticeable flaw is that there are quite a number of disturbing spelling mistakes. Also, the index could have been better, not to mention a cover that is plain and uninspiring. However, I have to admit I am very happy with this book and will recommend it to any Java programmer.

You can purchase How Tomcat Works from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

sympleko (Matthew Leingang) writes "In Neal Stephenson's manifesto In the Beginning was the Command Line , he writes about his favorite command-line utility: wc. As simple as can be, wc counts characters, words, and lines in a file. There's no GUI analogue, perhaps because anybody tempted to make one would add too many "features" that cluttered its ease of use. Think: do you know how to count the words in a Word file? BBEdit is a little easier, if you know the button to click." Read on for Leingang's review of Learning Unix for Mac OS X Panther, which seeks to reconcile the conception of user friendliness in OS X's Aqua with the sometimes-denigrated command line. Learning Unix for Mac OS X Panther author Dave Taylor and Brian Jepson pages 168 publisher O'Reilly rating 8/10 reviewer Matthew Leingang ISBN 0596006179 summary Nice and Easy

You can do a tremendous amount of stuff in Mac OS X Panther without ever touching the command line. This includes editing files, transferring them to remote locations, running a web server, and writing programs. Legend has it that some Apple developers wanted to ship OS X without a command-line application because it's anathema to the Mac "experience." But as Unix geeks will tell you, there are tasks which are much better suited to the command line. Routine, repeated, and automated tasks are some, as well as quick-and-easy access to files and directories.

This book is for the skilled Mac user who would like to know a little more about the operating system behind the scenes. There's also information about the Mac's brand of Unix, so someone familiar with Unix but new to the Mac will also find stuff to learn. For those confident in their Mac and Unix skills, however, there's not much new in the book's 168 pages. That's not to say it's a bad book; I found it quite enjoyable to read, and it's a good title to keep in mind to recommend to a Unix novice.

The book begins with an introduction to Terminal.app, the Mac's Unix terminal program. From the very basic (how to find with the Finder) to the fun (how to change the text and background colors) to the useful (how to save terminal sessions into double-clickable .term files), there's much that Terminal has to offer. There's even the cryptic echo '^[]2;My-Window-Title^G' command to change the title of Terminal's window.

The authors then introduce a few simple commands like date and who, and show how to manipulate the terminal's prompt. There's also alias which creates command shortcuts. For instance, if you always run ls with the -F flag, a command alias ls "ls -F" will save you some typing.

Each chapter has two sections which stand out. The "Practice" section gives a list of exercises to try, and the "Problem Checklist" is there to diagnose and fix unexpected behavior.

It's important (especially for those used to other OSes) to understand that in Unix, everything is a file, and all files are organized in the filesystem. This includes plain files, which might be Word documents or system logs; directories, which break up the filesystem into a tree; links, which allow file reuse with different names; devices, drives, etc. All these building blocks of the operating system are discussed. There are also a few pages on vi (which I found quite useful as my vi knowledge up to that point consisted of :q!.) and pico.

Printing on Mac OS X is much like printing on any Unix operating system; you can use pr to format text for line printing, enscript to format for PostScript printing, and lpr to actually queue a printer job. The addition that the Mac provides is a CLI to AppleTalk printers. You can use at_cho_prn to choose an AppleTalk printer and atprint to print to one.

One of Unix's biggest features is its ability to put together small programs to do many different tasks. To count how many files under your home directory are named foo, you can do find ~ -type f -name "foo" | wc -l. By breaking down a problem into components, you only need one-counting program, one file-finding program, etc. The book has a good chapter on this input/output redirection, and how to use those magic top-row characters |, >, >>, and <. Grep (and some light regular expressions) and sort are mentioned as tools for examining text. I thought sed would make a nice addition to this chapter, but perhaps it would lengthen the book too much.

Another advantage of Unix is its true multitasking. What may surprise newcomers to the command-line is that it is possible to run many jobs at once with a single interface. By running commands in the background, one can start large jobs and do other tasks while waiting. In the chapter on multitasking, the & modifier is covered, along with fg, bg, and kill to manipulate processes, and ps and top to report on them.

The command-line interface is lightweight enough that it can easily be extended by a network. This means it's easy (in fact, commonplace) to control a computer different from the one in front of which you're sitting. The authors cover the remote-shell commands ssh and its non-secure cousins, as well as other tools for accessing the internet such as ftp and curl.

The book closes with an introduction to the wealth of open-source software available for Macintosh, now that Macs run a functional Unix. The graphical Unix applications require an X server, which is easy to download and install. The authors show how to install Fink, the Macintosh open-source package manager, and a few big applications like OpenOffice.org and The Gimp.

The last chapter is both a resource list and suggestions for further directions. Those who learn a lot from this book may be interested in picking up shell programming or a scripting language such as Perl.

As I said at the beginning, the book is basic and well-written. Even if you feel it's beneath you, keep the title in mind when a newbie asks what the command-line is all about.

Matthew Leingang is a Preceptor in Mathematics at Harvard University. A funny sentence in the third person escapes him at the moment. You can purchase Learning Unix for Mac OS X Panther from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.